Filtered by vendor Novell
Subscriptions
Total
671 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2011-0995 | 2 Novell, Rubyforge | 2 Suse Linux Enterprise, Rubygem-sqlite3 | 2024-08-06 | N/A |
| The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors. | ||||
| CVE-2011-0993 | 1 Novell | 1 Suse Lifecycle Management Server | 2024-08-06 | N/A |
| SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors. | ||||
| CVE-2011-0991 | 2 Mono, Novell | 2 Mono, Moonlight | 2024-08-06 | N/A |
| Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to finalizing and then resurrecting a DynamicMethod instance. | ||||
| CVE-2011-0988 | 2 Novell, Pureftpd | 2 Suse Linux, Pure-ftpd | 2024-08-06 | N/A |
| pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors. | ||||
| CVE-2011-0990 | 2 Mono, Novell | 2 Mono, Moonlight | 2024-08-06 | N/A |
| Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file in which a thread makes a change after a type check but before a copy action. | ||||
| CVE-2011-0992 | 2 Mono, Novell | 2 Mono, Moonlight | 2024-08-06 | N/A |
| Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service (plugin crash) or obtain sensitive information via vectors related to member data in a resurrected MonoThread instance. | ||||
| CVE-2011-0994 | 1 Novell | 1 File Reporter | 2024-08-06 | N/A |
| Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (NFR) before 1.0.2 allows remote attackers to execute arbitrary code via unspecified XML data. | ||||
| CVE-2011-0989 | 2 Mono, Novell | 2 Mono, Moonlight | 2024-08-06 | N/A |
| The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, does not properly restrict data types, which allows remote attackers to modify internal read-only data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file, as demonstrated by modifying a C# struct. | ||||
| CVE-2011-0742 | 1 Novell | 1 Zenworks Handheld Management | 2024-08-06 | N/A |
| Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400. | ||||
| CVE-2011-0464 | 1 Novell | 1 Vibe Onprem | 2024-08-06 | N/A |
| Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unknown vectors. | ||||
| CVE-2012-6657 | 3 Linux, Novell, Redhat | 3 Linux Kernel, Suse Linux Enterprise Server, Enterprise Linux | 2024-08-06 | N/A |
| The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket. | ||||
| CVE-2012-6534 | 1 Novell | 1 Sentinel Log Manager | 2024-08-06 | N/A |
| Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save Query As" "Save As Retention Policy" action. | ||||
| CVE-2012-6344 | 1 Novell | 1 Zenworks Configuration Management | 2024-08-06 | 6.1 Medium |
| Novell ZENworks Configuration Management before 11.2.4 allows XSS. | ||||
| CVE-2012-6345 | 1 Novell | 1 Zenworks Configuration Management | 2024-08-06 | 7.5 High |
| Novell ZENworks Configuration Management before 11.2.4 allows obtaining sensitive trace information. | ||||
| CVE-2012-5938 | 3 Conectiva, Ibm, Novell | 3 Linux, Infosphere Information Server, Unixware | 2024-08-06 | N/A |
| The installation process in IBM InfoSphere Information Server 8.1, 8.5, 8.7, and 9.1 on UNIX and Linux sets incorrect permissions and ownerships for unspecified files, which allows local users to bypass intended access restrictions via standard filesystem operations. | ||||
| CVE-2012-4956 | 1 Novell | 1 File Reporter | 2024-08-06 | N/A |
| Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record. | ||||
| CVE-2012-4933 | 1 Novell | 1 Zenworks Asset Management | 2024-08-06 | N/A |
| The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote attackers to obtain sensitive information via a crafted rtrlet/rtr request for the HandleMaintenanceCalls function. | ||||
| CVE-2012-4912 | 1 Novell | 1 Groupwise | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to inject arbitrary web script or HTML via a crafted signature in an HTML e-mail message. | ||||
| CVE-2012-2215 | 1 Novell | 1 Zenworks Configuration Management | 2024-08-06 | N/A |
| Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request. | ||||
| CVE-2012-2313 | 3 Linux, Novell, Redhat | 10 Linux Kernel, Suse Linux Enterprise Server, Enterprise Linux and 7 more | 2024-08-06 | N/A |
| The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call. | ||||