ReportizFlow
Filtered by vendor Novell
Subscriptions
Total
676 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-5286 | 1 Novell | 1 Bordermanager | 2026-04-23 | N/A |
| Unspecified vulnerability in IKE.NLM in Novell BorderManager 3.8 allows attackers to cause a denial of service (crash) via unknown attack vectors related to "VPN issues" for certain "IKE and IPsec settings." | ||||
| CVE-2006-6299 | 1 Novell | 1 Zenworks Asset Management | 2026-04-23 | N/A |
| Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM) before SP1 IR11 and the Collection client allows remote attackers to execute arbitrary code via crafted packets, which trigger a heap-based buffer overflow. | ||||
| CVE-2006-6443 | 1 Novell | 1 Client | 2026-04-23 | N/A |
| Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors. | ||||
| CVE-2006-6450 | 1 Novell | 1 Zenworks Patch Management Server | 2026-04-23 | N/A |
| Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters. | ||||
| CVE-2007-1285 | 5 Canonical, Novell, Php and 2 more | 10 Ubuntu Linux, Suse Linux, Php and 7 more | 2026-04-23 | 7.5 High |
| The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines. | ||||
| CVE-2007-1309 | 1 Novell | 1 Access Manager | 2026-04-23 | N/A |
| Novell Access Management 3 SSLVPN Server allows remote authenticated users to bypass VPN restrictions by making policy.txt read-only, disconnecting, then manually modifying policy.txt. | ||||
| CVE-2009-1568 | 1 Novell | 1 Iprint Client | 2026-04-23 | N/A |
| Stack-based buffer overflow in ienipp.ocx in Novell iPrint Client 5.30, and possibly other versions before 5.32, allows remote attackers to execute arbitrary code via a long target-frame parameter. | ||||
| CVE-2007-3200 | 1 Novell | 1 Modular Authentication Service | 2026-04-23 | N/A |
| NMASINST in Novell Modular Authentication Service (NMAS) 3.1.2 and earlier on NetWare logs its invoking command line to NMASINST.LOG, which might allow local users to obtain the admin username and password by reading this file. | ||||
| CVE-2007-3571 | 1 Novell | 2 Groupwise, Netware | 2026-04-23 | N/A |
| The Apache Web Server as used in Novell NetWare 6.5 and GroupWise allows remote attackers to obtain sensitive information via a certain directive to Apache that causes the HTTP-Header response to be modified, which may reveal the server's internal IP address. | ||||
| CVE-2007-4432 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2026-04-23 | N/A |
| Untrusted search path vulnerability in the wrapper scripts for the (1) rug, (2) zen-updater, (3) zen-installer, and (4) zen-remover programs on SUSE Linux 10.1 and Enterprise 10 allows local users to gain privileges via modified (a) LD_LIBRARY_PATH and (b) MONO_GAC_PREFIX environment variables. | ||||
| CVE-2007-6302 | 1 Novell | 1 Netmail | 2026-04-23 | N/A |
| Multiple heap-based buffer overflows in avirus.exe in Novell NetMail 3.5.2 before Messaging Architects M+NetMail 3.52f (aka 3.5.2F) allows remote attackers to execute arbitrary code via unspecified ASCII integers used as memory allocation arguments, aka "ZDI-CAN-162." | ||||
| CVE-2008-0927 | 2 Microsoft, Novell | 2 Windows-nt, Edirectory | 2026-04-23 | N/A |
| dhost.exe in Novell eDirectory 8.7.3 before sp10 and 8.8.2 allows remote attackers to cause a denial of service (CPU consumption) via an HTTP request with (1) multiple Connection headers or (2) a Connection header with multiple comma-separated values. NOTE: this might be similar to CVE-2008-1777. | ||||
| CVE-2008-6722 | 1 Novell | 1 Access Manager | 2026-04-23 | N/A |
| Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate attackers to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to inability of Apache Tomcat to clear entries from its SSL cache. | ||||
| CVE-2009-0115 | 9 Avaya, Christophe.varoqui, Debian and 6 more | 12 Intuity Audix Lx, Message Networking, Messaging Storage Server and 9 more | 2026-04-23 | 7.8 High |
| The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon. | ||||
| CVE-2009-0714 | 5 Hp, Microsoft, Novell and 2 more | 5 Data Protector Express, Windows, Netware and 2 more | 2026-04-23 | N/A |
| Unspecified vulnerability in the dpwinsup module (dpwinsup.dll) for dpwingad (dpwingad.exe) in HP Data Protector Express and Express SSE 3.x before build 47065, and Express and Express SSE 4.x before build 46537, allows remote attackers to cause a denial of service (application crash) or read portions of memory via one or more crafted packets. | ||||
| CVE-2009-0895 | 1 Novell | 1 Edirectory | 2026-04-23 | N/A |
| Integer overflow in Novell eDirectory 8.7.3.x before 8.7.3.10 ftf2 and 8.8.x before 8.8.5.2 allows remote attackers to execute arbitrary code via an NDS Verb 0x1 request containing a large integer value that triggers a heap-based buffer overflow. | ||||
| CVE-2008-5231 | 1 Novell | 1 Iprint | 2026-04-23 | N/A |
| Stack-based buffer overflow in the ExecuteRequest method in the Novell iPrint ActiveX control in ienipp.ocx in Novell iPrint Client 5.06 and earlier allows remote attackers to execute arbitrary code via a long target-frame option value, a different vulnerability than CVE-2008-2431. | ||||
| CVE-2008-2704 | 1 Novell | 1 Groupwise Messenger | 2026-04-23 | N/A |
| Novell GroupWise Messenger (GWIM) before 2.0.3 Hot Patch 1 allows remote attackers to cause a denial of service (crash) via a long user ID, possibly involving a popup alert. NOTE: it is not clear whether this issue crosses privilege boundaries. | ||||
| CVE-2008-4479 | 1 Novell | 1 Edirectory | 2026-04-23 | N/A |
| Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 before 8.8.3, and 8.7.3 before 8.7.3.10 ftf1, allows remote attackers to execute arbitrary code via a SOAP request with a long Accept-Language header. | ||||
| CVE-2009-1636 | 1 Novell | 1 Groupwise | 2026-04-23 | N/A |
| Multiple buffer overflows in the Internet Agent (aka GWIA) component in Novell GroupWise 7.x before 7.03 HP3 and 8.x before 8.0 HP2 allow remote attackers to execute arbitrary code via (1) a crafted e-mail address in an SMTP session or (2) an SMTP command. | ||||