Filtered by vendor Novell
Subscriptions
Total
671 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2011-2222 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2024-08-06 | N/A |
Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors. | ||||
CVE-2011-2220 | 1 Novell | 2 File Reporter, File Reporter Engine | 2024-08-06 | N/A |
Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element. | ||||
CVE-2011-2227 | 1 Novell | 2 Identity Manager Roles Based Provisioning Module, Identity Manager User Application | 2024-08-06 | N/A |
Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 709603. | ||||
CVE-2011-2226 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2024-08-06 | N/A |
Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a pattern listing. | ||||
CVE-2011-2223 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2024-08-06 | N/A |
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network. | ||||
CVE-2011-2225 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2024-08-06 | N/A |
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to have an unknown impact via a crafted directory pathname that is inserted into config.sh. | ||||
CVE-2011-2221 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2024-08-06 | N/A |
The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecified vectors. | ||||
CVE-2011-1707 | 1 Novell | 1 Iprint | 2024-08-06 | N/A |
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url. | ||||
CVE-2011-1699 | 1 Novell | 1 Iprint | 2024-08-06 | N/A |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url. | ||||
CVE-2011-1706 | 1 Novell | 1 Iprint | 2024-08-06 | N/A |
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url. | ||||
CVE-2011-1702 | 1 Novell | 1 Iprint | 2024-08-06 | N/A |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url. | ||||
CVE-2011-1711 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2024-08-06 | N/A |
Unspecified vulnerability in the Mobility Pack 1.1.2 and earlier in Novell Data Synchronizer 1.0.x, and 1.1.x through 1.1.1 build 428, allows remote authenticated users to access the accounts of other users via unknown vectors. | ||||
CVE-2011-1708 | 1 Novell | 1 Iprint | 2024-08-06 | N/A |
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie. | ||||
CVE-2011-1704 | 1 Novell | 1 Iprint | 2024-08-06 | N/A |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted core-package parameter in a printer-url. | ||||
CVE-2011-1701 | 1 Novell | 1 Iprint | 2024-08-06 | N/A |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-name parameter in a printer-url. | ||||
CVE-2011-1705 | 1 Novell | 1 Iprint | 2024-08-06 | N/A |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url. | ||||
CVE-2011-1700 | 1 Novell | 1 Iprint | 2024-08-06 | N/A |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-time parameter in a printer-url. | ||||
CVE-2011-1696 | 1 Novell | 2 Identity Manager Roles Based Provisioning Module, Identity Manager User Application | 2024-08-06 | N/A |
Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 692972. | ||||
CVE-2011-1703 | 1 Novell | 1 Iprint | 2024-08-06 | N/A |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url. | ||||
CVE-2011-1551 | 1 Novell | 1 Opensuse Factory | 2024-08-06 | N/A |
SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ directory tree to the web-service user account, which might allow local users to gain privileges by leveraging access to this account during root filesystem operations by the Cobbler daemon. |