Filtered by vendor Novell
Subscriptions
Total
671 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-0273 | 1 Novell | 1 Groupwise | 2024-08-07 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allow remote attackers to inject arbitrary web script or HTML via the (1) User.id and (2) Library.queryText parameters to gw/webacc, and other vectors involving (3) HTML e-mail and (4) HTML attachments. | ||||
| CVE-2009-0272 | 1 Novell | 1 Groupwise | 2024-08-07 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Novell GroupWise WebAccess 6.5x, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 allows remote attackers to insert e-mail forwarding rules, and modify unspecified other configuration settings, as arbitrary users via unknown vectors. | ||||
| CVE-2009-0192 | 1 Novell | 1 Edirectory | 2024-08-07 | N/A |
| Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow. | ||||
| CVE-2009-0115 | 9 Avaya, Christophe.varoqui, Debian and 6 more | 12 Intuity Audix Lx, Message Networking, Messaging Storage Server and 9 more | 2024-08-07 | 7.8 High |
| The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon. | ||||
| CVE-2010-5323 | 1 Novell | 1 Zenworks Configuration Management | 2024-08-07 | N/A |
| Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a crafted WAR pathname in the filename parameter in conjunction with WAR content in the POST data, a different vulnerability than CVE-2010-5324. | ||||
| CVE-2010-5324 | 1 Novell | 1 Zenworks Configuration Management | 2024-08-07 | N/A |
| Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a zenworks-fileupload request with a crafted directory name in the type parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323. | ||||
| CVE-2010-4325 | 1 Novell | 1 Groupwise | 2024-08-07 | N/A |
| Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message. | ||||
| CVE-2010-4327 | 1 Novell | 1 Edirectory | 2024-08-07 | N/A |
| Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524. | ||||
| CVE-2010-4323 | 1 Novell | 1 Zenworks Configuration Manager | 2024-08-07 | N/A |
| Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request. | ||||
| CVE-2010-4326 | 1 Novell | 1 Groupwise | 2024-08-07 | N/A |
| Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNAME, (3) COMMENT, or (4) RRULE variable in this message. | ||||
| CVE-2010-4328 | 1 Novell | 1 Iprint Open Enterprise Server | 2024-08-07 | N/A |
| Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd in Novell iPrint for Linux Open Enterprise Server 2 SP2 and SP3 allow remote attackers to execute arbitrary code via unspecified LPR opcodes. | ||||
| CVE-2010-4322 | 1 Novell | 1 Vibe Onprem | 2024-08-07 | N/A |
| Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog (aka What Are You Working On?) field. | ||||
| CVE-2010-4321 | 1 Novell | 1 Iprint Client | 2024-08-07 | N/A |
| Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method, as reachable by (2) the GetDriverSettings method. | ||||
| CVE-2010-4324 | 1 Novell | 2 Identity Manager, Identity Manager Roles Based Provisioning Module | 2024-08-07 | N/A |
| Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-4314 | 2 Microsoft, Novell | 4 Windows 7, Windows Vista, Windows Xp and 1 more | 2024-08-07 | N/A |
| Remote attackers can use the iPrint web-browser ActiveX plugin in Novell iPrint Client before 5.42 for Windows XP/Vista/Win7 to execute code by overflowing the "name" parameter. | ||||
| CVE-2010-4299 | 1 Novell | 1 Zenworks Handheld Management | 2024-08-07 | N/A |
| Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 Handheld Management (ZHM) allows remote attackers to execute arbitrary code via a crafted request to TCP port 2400. | ||||
| CVE-2010-4254 | 2 Mono, Novell | 2 Mono, Moonlight | 2024-08-07 | N/A |
| Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call. | ||||
| CVE-2010-4229 | 1 Novell | 1 Zenworks Configuration Management | 2024-08-07 | N/A |
| Directory traversal vulnerability in an unspecified servlet in the Inventory component in ZENworks Asset Management (ZAM) in Novell ZENworks Configuration Management 10.3 before 10.3.2, and 11, allows remote attackers to overwrite files, and subsequently execute arbitrary code, via directory traversal sequences in a filename field in an upload request. | ||||
| CVE-2010-4227 | 1 Novell | 1 Netware | 2024-08-07 | N/A |
| The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow. | ||||
| CVE-2010-4228 | 1 Novell | 1 Netware | 2024-08-07 | N/A |
| Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4. | ||||