Filtered by vendor Novell
Subscriptions
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-7796 | 3 Novell, Redhat, Systemd Project | 11 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Server For Sap and 8 more | 2025-04-12 | N/A |
| The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled. | ||||
| CVE-2015-1339 | 2 Linux, Novell | 3 Linux Kernel, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Real Time Extension | 2025-04-12 | N/A |
| Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times. | ||||
| CVE-2014-8559 | 7 Canonical, Linux, Novell and 4 more | 14 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Desktop and 11 more | 2025-04-12 | 5.5 Medium |
| The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application. | ||||
| CVE-2015-2566 | 2 Novell, Oracle | 4 Suse Linux, Suse Linux For Vmware, Suse Linux Sdk and 1 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML. | ||||
| CVE-2014-0599 | 1 Novell | 1 Open Enterprise Server | 2025-04-12 | N/A |
| Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2014-0610 | 2 Microsoft, Novell | 2 Windows, Groupwise | 2025-04-12 | N/A |
| The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors. | ||||
| CVE-2016-1593 | 1 Novell | 1 Service Desk | 2025-04-12 | N/A |
| Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. (dot dot) in a filename within a multipart/form-data POST request to a LiveTime.woa URL. | ||||
| CVE-2016-6306 | 7 Canonical, Debian, Hp and 4 more | 11 Ubuntu Linux, Debian Linux, Icewall Federation Agent and 8 more | 2025-04-12 | 5.9 Medium |
| The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c. | ||||
| CVE-2014-1505 | 7 Canonical, Debian, Mozilla and 4 more | 18 Ubuntu Linux, Debian Linux, Firefox and 15 more | 2025-04-12 | 7.5 High |
| The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693. | ||||
| CVE-2015-0405 | 2 Novell, Oracle | 4 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Suse Linux Enterprise Software Development Kit and 1 more | 2025-04-12 | N/A |
| Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA. | ||||
| CVE-2015-3044 | 7 Adobe, Apple, Linux and 4 more | 13 Flash Player, Mac Os X, Linux Kernel and 10 more | 2025-04-12 | N/A |
| Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors. | ||||
| CVE-2016-3138 | 3 Canonical, Linux, Novell | 10 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 7 more | 2025-04-12 | N/A |
| The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor. | ||||
| CVE-2016-1704 | 5 Canonical, Google, Novell and 2 more | 9 Ubuntu Linux, Chrome, Suse Package Hub For Suse Linux Enterprise and 6 more | 2025-04-12 | N/A |
| Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors. | ||||
| CVE-2016-4913 | 5 Canonical, Linux, Novell and 2 more | 8 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Debuginfo and 5 more | 2025-04-12 | 7.8 High |
| The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem. | ||||
| CVE-2016-4997 | 6 Canonical, Debian, Linux and 3 more | 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more | 2025-04-12 | 7.8 High |
| The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement. | ||||
| CVE-2015-8552 | 4 Canonical, Debian, Novell and 1 more | 5 Ubuntu Linux, Debian Linux, Suse Linux Enterprise Debuginfo and 2 more | 2025-04-12 | N/A |
| The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks." | ||||
| CVE-2015-8812 | 4 Canonical, Linux, Novell and 1 more | 5 Ubuntu Linux, Linux Kernel, Suse Linux Enterprise Real Time Extension and 2 more | 2025-04-12 | 9.8 Critical |
| drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets. | ||||
| CVE-2014-5213 | 1 Novell | 1 Edirectory | 2025-04-12 | N/A |
| nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request. | ||||
| CVE-2015-2735 | 6 Canonical, Debian, Mozilla and 3 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2025-04-12 | N/A |
| nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive. | ||||
| CVE-2015-2740 | 6 Canonical, Debian, Mozilla and 3 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2025-04-12 | N/A |
| Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors. | ||||