| CVE-2011-2655 |
critical |
— |
9.3 |
|
|
novell |
15y ago |
Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-… |
| CVE-2011-2663 |
critical |
— |
10.0 |
|
|
novell |
15y ago |
Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment… |
| CVE-2011-2662 |
critical |
— |
10.0 |
|
|
novell |
15y ago |
Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE var… |
| CVE-2011-0334 |
critical |
— |
10.0 |
|
|
novell |
15y ago |
Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file. |
| CVE-2011-0333 |
critical |
— |
10.0 |
|
|
novell |
15y ago |
Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbit… |
| CVE-2011-2654 |
critical |
— |
9.3 |
|
|
novell |
15y ago |
The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls tha… |
| CVE-2011-2651 |
high |
— |
7.5 |
|
|
marcus_schafernovell |
15y ago |
Unspecified vulnerability in the file browser in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename. |
| CVE-2011-2649 |
high |
— |
7.5 |
|
|
marcus_schafernovell |
15y ago |
Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to execute arbitrary commands via shell metacharacters in an unspecified FileUtils function call. |
| CVE-2011-2648 |
high |
— |
7.5 |
|
|
marcus_schafernovell |
15y ago |
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a filter in a modified file. |
| CVE-2011-2647 |
high |
— |
7.5 |
|
|
marcus_schafernovell |
15y ago |
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted archive name in the list of testdrive modifie… |
| CVE-2011-2646 |
high |
— |
7.5 |
|
|
marcus_schafernovell |
15y ago |
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename in the list of testdrive modified fi… |
| CVE-2011-2645 |
high |
— |
7.5 |
|
|
marcus_schafernovell |
15y ago |
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename for a custom RPM. |
| CVE-2011-2225 |
critical |
— |
9.3 |
|
|
marcus_schafernovell |
15y ago |
Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to have an unknown impact via a crafted directory pathname that is inserted into config.sh. |
| CVE-2011-2220 |
critical |
— |
10.0 |
|
|
novell |
15y ago |
Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via … |
| CVE-2011-1708 |
critical |
— |
9.3 |
|
|
novell |
15y ago |
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie. |
| CVE-2011-1707 |
critical |
— |
9.3 |
|
|
novell |
15y ago |
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url. |
| CVE-2011-1706 |
critical |
— |
9.3 |
|
|
novell |
15y ago |
Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url. |
| CVE-2011-1705 |
critical |
— |
9.3 |
|
|
novell |
15y ago |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url. |
| CVE-2011-1704 |
critical |
— |
9.3 |
|
|
novell |
15y ago |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted core-package parameter in a printer-url. |
| CVE-2011-1703 |
critical |
— |
9.3 |
|
|
novell |
15y ago |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url. |
| CVE-2011-1702 |
critical |
— |
9.3 |
|
|
novell |
15y ago |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url. |
| CVE-2011-1701 |
critical |
— |
9.3 |
|
|
novell |
15y ago |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-name parameter in a printer-url. |
| CVE-2011-1700 |
critical |
— |
9.3 |
|
|
novell |
15y ago |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-time parameter in a printer-url. |
| CVE-2011-1699 |
critical |
— |
9.3 |
|
|
novell |
15y ago |
Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url. |
| CVE-2010-4229 |
critical |
— |
10.0 |
|
|
novell |
15y ago |
Directory traversal vulnerability in an unspecified servlet in the Inventory component in ZENworks Asset Management (ZAM) in Novell ZENworks Configuration Management 10.3 before 10.3.2, and 11, allow… |
| CVE-2011-0994 |
critical |
— |
10.0 |
|
|
novell |
15y ago |
Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (NFR) before 1.0.2 allows remote attackers to execute arbitrary code via unspecified XML data. |
| CVE-2011-0464 |
critical |
— |
10.0 |
|
|
novell |
16y ago |
Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unknown vectors. |
| CVE-2010-4227 |
critical |
— |
10.0 |
EXP |
|
novell |
16y ago |
The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS R… |
| CVE-2010-4328 |
high |
— |
8.5 |
EXP |
|
novell |
16y ago |
Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd in Novell iPrint for Linux Open Enterprise Server 2 SP2 and SP3 allow remote attackers to execute arbitrary code via unspecified L… |
| CVE-2010-4323 |
high |
— |
8.5 |
EXP |
|
novell |
16y ago |
Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a lo… |
| CVE-2011-0742 |
critical |
— |
10.0 |
|
|
novell |
16y ago |
Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400. |
| CVE-2010-4714 |
critical |
— |
10.0 |
|
|
novell |
16y ago |
Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwm… |
| CVE-2010-4713 |
critical |
— |
10.0 |
|
|
novell |
16y ago |
Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-T… |
| CVE-2010-4712 |
critical |
— |
10.0 |
|
|
novell |
16y ago |
Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header conta… |
| CVE-2010-4711 |
critical |
— |
10.0 |
EXP |
|
novell |
16y ago |
Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in … |
| CVE-2010-2777 |
critical |
— |
10.0 |
EXP |
|
novell |
16y ago |
Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute a… |
| CVE-2010-4326 |
critical |
— |
10.0 |
|
|
novell |
16y ago |
Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as … |
| CVE-2010-4325 |
critical |
— |
10.0 |
|
|
novell |
16y ago |
Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR messag… |
| CVE-2010-4322 |
low |
— |
3.5 |
|
|
novell |
16y ago |
Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog (aka What Are You W… |
| CVE-2010-4321 |
critical |
— |
10.0 |
EXP |
|
novell |
16y ago |
Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method… |
| CVE-2010-4254 |
high |
— |
8.5 |
EXP |
|
mononovell |
16y ago |
Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possi… |
| CVE-2010-4299 |
critical |
— |
9.3 |
|
|
novell |
16y ago |
Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 Handheld Management (ZHM) allows remote attackers to execute arbitrary code via a crafted request to TCP port 2400. |
| CVE-2010-3264 |
low |
— |
2.1 |
|
|
novell |
16y ago |
The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file. |
| CVE-2010-3109 |
critical |
— |
9.3 |
|
|
novell |
16y ago |
Stack-based buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code via a long operation parameter. |
| CVE-2010-3108 |
critical |
— |
9.3 |
|
|
novell |
16y ago |
Buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code by using EMBED elements to pass parameters with long names. |
| CVE-2010-3107 |
high |
— |
7.1 |
|
|
novell |
16y ago |
A certain ActiveX control in ienipp.ocx in the browser plugin in Novell iPrint Client before 5.42 does not properly restrict the set of files to be deleted, which allows remote attackers to cause a d… |
| CVE-2010-3106 |
critical |
— |
10.0 |
EXP |
|
novell |
16y ago |
The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cau… |
| CVE-2010-3105 |
critical |
— |
9.3 |
|
|
novell |
16y ago |
The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized memory location as a pointer value, which allows remote attackers to execute arbitrary code via unspec… |
| CVE-2010-1527 |
critical |
— |
10.0 |
EXP |
|
novell |
16y ago |
Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action. |
| CVE-2010-1929 |
critical |
— |
10.0 |
EXP |
|
novell |
16y ago |
Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow r… |
| CVE-2010-2351 |
critical |
— |
10.0 |
EXP |
|
novell |
16y ago |
Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a … |
| CVE-2010-0284 |
critical |
— |
10.0 |
|
|
novell |
16y ago |
Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Ac… |
| CVE-2007-6735 |
high |
— |
7.5 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended ac… |
| CVE-2005-4887 |
high |
— |
7.5 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. |
| CVE-2003-1596 |
high |
— |
7.5 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass i… |
| CVE-2003-1595 |
critical |
— |
10.0 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors. |
| CVE-2003-1594 |
high |
— |
7.5 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP sessi… |
| CVE-2003-1593 |
high |
— |
7.5 |
|
|
novell |
16y ago |
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via a… |
| CVE-2000-1246 |
low |
— |
3.5 |
|
|
novell |
16y ago |
NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command. |
| CVE-2000-1245 |
high |
— |
7.5 |
|
|
novell |
16y ago |
Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vect… |
| CVE-2009-4655 |
high |
— |
8.5 |
EXP |
|
novell |
17y ago |
The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie. |
| CVE-2009-4654 |
critical |
— |
10.0 |
EXP |
|
novell |
17y ago |
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a s… |
| CVE-2009-4653 |
critical |
— |
10.0 |
EXP |
|
novell |
17y ago |
Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrar… |
