Filtered by vendor Novell
Subscriptions
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-3710 | 1 Novell | 1 Suse Lifecycle Management Server | 2025-04-11 | N/A |
| SUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere. | ||||
| CVE-2013-3956 | 2 Microsoft, Novell | 7 Windows 2003 Server, Windows 7, Windows 8 and 4 more | 2025-04-11 | N/A |
| The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call. | ||||
| CVE-2013-3708 | 1 Novell | 1 Iprint | 2025-04-11 | N/A |
| The id1.GetPrinterURLList function in Novell iPrint Client before 5.93 allows remote attackers to cause a denial of service via unspecified vectors. | ||||
| CVE-2013-3567 | 5 Canonical, Novell, Puppet and 2 more | 7 Ubuntu Linux, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server and 4 more | 2025-04-11 | N/A |
| Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call. | ||||
| CVE-2011-1708 | 1 Novell | 1 Iprint | 2025-04-11 | N/A |
| Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie. | ||||
| CVE-2010-4228 | 1 Novell | 1 Netware | 2025-04-11 | N/A |
| Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4. | ||||
| CVE-2013-1097 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onload event. | ||||
| CVE-2003-1591 | 1 Novell | 1 Netware | 2025-04-11 | N/A |
| NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of service (console hang) via a large number of FTP sessions, which are not properly handled during an NLM unload. | ||||
| CVE-2004-2767 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session. | ||||
| CVE-2003-1592 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password. | ||||
| CVE-2009-4879 | 1 Novell | 1 Access Manager | 2025-04-11 | N/A |
| The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions. | ||||
| CVE-2013-1096 | 1 Novell | 1 Identity Manager Roles Based Provisioning Module | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module 4.0.2 before Field Patch D for Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via a taskDetail taskId. | ||||
| CVE-2013-1092 | 1 Novell | 1 Zenworks Desktop Management | 2025-04-11 | N/A |
| Multiple unquoted Windows search path vulnerabilities in Novell ZENworks Desktop Management (ZDM) 7 through 7.1 might allow local users to gain privileges via a Trojan horse "program" file in the C: folder, related to an attempted launch of (1) ZenRem32.exe or (2) wm.exe. | ||||
| CVE-2011-1699 | 1 Novell | 1 Iprint | 2025-04-11 | N/A |
| Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url. | ||||
| CVE-2013-1082 | 1 Novell | 1 Zenworks Mobile Management | 2025-04-11 | N/A |
| Directory traversal vulnerability in DUSAP.php in Novell ZENworks Mobile Management before 2.7.1 allows remote attackers to include and execute arbitrary local files via the language parameter. | ||||
| CVE-2013-1085 | 1 Novell | 2 Groupwise Messenger, Messenger | 2025-04-11 | N/A |
| Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter. | ||||
| CVE-2010-2777 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command. | ||||
| CVE-2012-4912 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to inject arbitrary web script or HTML via a crafted signature in an HTML e-mail message. | ||||
| CVE-2012-4957 | 1 Novell | 1 File Reporter | 2025-04-11 | N/A |
| Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record. | ||||
| CVE-2009-4662 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 7.0 before 7.03 HP4 and 8.0 before 8.0 SP1 allows remote attackers to inject arbitrary web script or HTML via the User.Theme.index parameter. | ||||