ReportizFlow
Filtered by vendor Novell
Subscriptions
Total
671 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-0611 | 1 Novell | 1 Groupwise | 2025-04-12 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-5212 | 1 Novell | 1 Edirectory | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter. | ||||
| CVE-2012-6657 | 3 Linux, Novell, Redhat | 3 Linux Kernel, Suse Linux Enterprise Server, Enterprise Linux | 2025-04-12 | N/A |
| The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket. | ||||
| CVE-2014-1505 | 7 Canonical, Debian, Mozilla and 4 more | 18 Ubuntu Linux, Debian Linux, Firefox and 15 more | 2025-04-12 | 7.5 High |
| The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693. | ||||
| CVE-2014-8559 | 7 Canonical, Linux, Novell and 4 more | 14 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Desktop and 11 more | 2025-04-12 | 5.5 Medium |
| The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. | ||||
| CVE-2015-0395 | 6 Canonical, Debian, Novell and 3 more | 10 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Server and 7 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot. | ||||
| CVE-2015-0412 | 6 Canonical, Debian, Novell and 3 more | 11 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 8 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS. | ||||
| CVE-2015-0421 | 3 Novell, Oracle, Redhat | 4 Suse Linux Enterprise Desktop, Jdk, Jre and 1 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process. | ||||
| CVE-2015-0439 | 3 Novell, Oracle, Suse | 5 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Mysql and 2 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756. | ||||
| CVE-2015-0458 | 4 Novell, Opensuse, Oracle and 1 more | 7 Suse Linux Enterprise Desktop, Opensuse, Jdk and 4 more | 2025-04-12 | N/A |
| Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment. | ||||
| CVE-2016-1598 | 1 Novell | 2 Identity Manager, Identity Manager Identity Applications | 2025-04-12 | N/A |
| XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages. | ||||
| CVE-2016-1611 | 1 Novell | 1 Filr | 2025-04-12 | N/A |
| Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands. | ||||
| CVE-2016-1955 | 3 Mozilla, Novell, Opensuse | 4 Firefox, Suse Package Hub For Suse Linux Enterprise, Leap and 1 more | 2025-04-12 | N/A |
| Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element. | ||||
| CVE-2016-1594 | 1 Novell | 1 Service Desk | 2025-04-12 | N/A |
| Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to read arbitrary attachments via a request to a LiveTime.woa URL, as demonstrated by obtaining sensitive information via a (1) downloadLogFiles or (2) downloadFile action. | ||||
| CVE-2016-1658 | 5 Debian, Google, Novell and 2 more | 5 Debian Linux, Chrome, Suse Package Hub For Suse Linux Enterprise and 2 more | 2025-04-12 | N/A |
| The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension. | ||||
| CVE-2015-0408 | 6 Canonical, Debian, Novell and 3 more | 11 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Desktop and 8 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI. | ||||
| CVE-2016-2384 | 3 Linux, Novell, Redhat | 4 Linux Kernel, Suse Linux Enterprise Real Time Extension, Enterprise Linux and 1 more | 2025-04-12 | N/A |
| Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor. | ||||
| CVE-2016-5763 | 1 Novell | 2 Open Enterprise Server 11, Open Enterprise Server 2015 | 2025-04-12 | N/A |
| Vulnerability in Novell Open Enterprise Server (OES2015 SP1 before Scheduled Maintenance Update 10992, OES2015 before Scheduled Maintenance Update 10990, OES11 SP3 before Scheduled Maintenance Update 10991, OES11 SP2 before Scheduled Maintenance Update 10989) might allow authenticated remote attackers to perform unauthorized file access and modification. | ||||
| CVE-2014-0598 | 1 Novell | 1 Open Enterprise Server | 2025-04-12 | N/A |
| Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors. | ||||
| CVE-2015-0779 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-12 | N/A |
| Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323 and CVE-2010-5324. | ||||