ReportizFlow
Filtered by vendor Novell
Subscriptions
Total
676 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-0334 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file. | ||||
| CVE-2013-1085 | 1 Novell | 2 Groupwise Messenger, Messenger | 2025-04-11 | N/A |
| Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter. | ||||
| CVE-2003-1596 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session. | ||||
| CVE-2007-6734 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors. | ||||
| CVE-2010-3105 | 1 Novell | 1 Iprint | 2025-04-11 | N/A |
| The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized memory location as a pointer value, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2013-3567 | 5 Canonical, Novell, Puppet and 2 more | 7 Ubuntu Linux, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server and 4 more | 2025-04-11 | N/A |
| Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call. | ||||
| CVE-2013-1084 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Directory traversal vulnerability in the GetFle method in the umaninv service in Novell ZENworks Configuration Management (ZCM) 11.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename parameter in a GetFile action to zenworks-unmaninv/. | ||||
| CVE-2013-6346 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2010-4228 | 1 Novell | 1 Netware | 2025-04-11 | N/A |
| Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4. | ||||
| CVE-2010-4322 | 1 Novell | 1 Vibe Onprem | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog (aka What Are You Working On?) field. | ||||
| CVE-2010-4716 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-4717 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long (1) LIST or (2) LSUB command. | ||||
| CVE-2010-4711 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command. | ||||
| CVE-2013-3708 | 1 Novell | 1 Iprint | 2025-04-11 | N/A |
| The id1.GetPrinterURLList function in Novell iPrint Client before 5.93 allows remote attackers to cause a denial of service via unspecified vectors. | ||||
| CVE-2003-1593 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection. | ||||
| CVE-2011-2651 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2025-04-11 | N/A |
| Unspecified vulnerability in the file browser in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename. | ||||
| CVE-2005-4888 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed. | ||||
| CVE-2009-4654 | 2 Microsoft, Novell | 2 Windows, Edirectory | 2025-04-11 | N/A |
| Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk. | ||||
| CVE-2005-4887 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. | ||||
| CVE-2011-1550 | 2 Gentoo, Novell | 2 Logrotate, Opensuse Factory | 2025-04-11 | N/A |
| The default configuration of logrotate on SUSE openSUSE Factory uses root privileges to process files in directories that permit non-root write access, which allows local users to conduct symlink and hard link attacks by leveraging logrotate's lack of support for untrusted directories, as demonstrated by directories for the (1) cobbler, (2) inn, (3) safte-monitor, and (4) uucp packages. | ||||