VIR Vulnerability Intelligence Relay

Search

Found 163 results in 21ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2015-0786 critical 9.8 9.8 novell 9y ago Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary code via unspecif…
CVE-2015-0785 high 7.5 7.5 novell 9y ago com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZENworks Configuration Management (ZCM) allows remote attackers to read arbitrary folders via the dirname variable.
CVE-2015-0784 high 7.5 7.5 novell 9y ago Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable.
CVE-2015-0782 critical 9.8 9.8 novell 9y ago SQL injection vulnerability in the ScheduleQuery method of the schedule class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecifi…
CVE-2015-0781 critical 9.8 9.8 novell 9y ago Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to upload and execute arbitrary files via unspecif…
CVE-2015-0780 critical 9.8 9.8 novell 9y ago SQL injection vulnerability in the GetReRequestData method of the GetStoredResult class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via…
CVE-2016-9961 critical 9.8 9.8 FIX slesdebian debianfedora fedora game-music-emu_projectnovell 9y ago game-music-emu before 0.6.1 mishandles unspecified integer values.
CVE-2017-7432 critical 9.8 9.8 novellnetiq 9y ago Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability.
CVE-2017-7431 high 8.8 8.8 novellnetiq 9y ago Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management.
CVE-2017-5186 high 7.5 7.5 netiqnovell 9y ago Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the de…
CVE-2016-5762 critical 9.8 9.8 novell 9y ago Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remote attackers to execute arbitrary code via a long (1) username or (2) password,…
CVE-2016-9167 high 7.5 7.5 novell 9y ago NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would…
CVE-2016-5747 high 7.5 7.5 novell 9y ago A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging pre…
CVE-2010-4314 high 8.8 8.8 windows windows novell 9y ago Remote attackers can use the iPrint web-browser ActiveX plugin in Novell iPrint Client before 5.42 for Windows XP/Vista/Win7 to execute code by overflowing the "name" parameter.
CVE-2017-5182 high 7.5 7.5 novell 10y ago Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total info…
CVE-2016-5763 critical 9.1 9.1 novell 10y ago Vulnerability in Novell Open Enterprise Server (OES2015 SP1 before Scheduled Maintenance Update 10992, OES2015 before Scheduled Maintenance Update 10990, OES11 SP3 before Scheduled Maintenance Update…
CVE-2016-4303 critical 9.8 9.8 FIX debian debiansuse suse esnovell 10y ago The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex charac…
CVE-2015-8921 high 7.5 7.5 FIX slesdebian debianubuntu ubuntu novelllibarchive 10y ago The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.
CVE-2015-8919 high 7.5 7.5 FIX slesdebian debianubuntu ubuntu libarchivenovell 10y ago The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) …
CVE-2015-8918 high 7.5 7.5 FIX slesdebian debiansuse suse novelllibarchive 10y ago The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."
CVE-2016-1611 high 7.8 8.8 EXP novell 10y ago Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's conten…
CVE-2016-1610 high 7.5 8.5 EXP novell 10y ago Directory traversal vulnerability in the email-template feature in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote attackers to bypass intended access restrict…
CVE-2016-1608 high 8.8 9.8 EXP novell 10y ago vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer pa…
CVE-2016-1607 high 7.2 8.2 EXP novell 10y ago Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administr…
CVE-2016-4997 high 7.8 8.8 EXPFIX slesdebian debian linux-kernel novell 10y ago The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of …
CVE-2016-1704 high 8.8 8.8 sles rhelsuse suse googlenovell 10y ago Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.
CVE-2016-1583 high 7.8 8.8 EXPFIX slesdebian debian linux-kernel novell 10y ago The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vecto…
CVE-2016-2834 high 8.8 8.8 FIX slesdebian debianubuntu ubuntu mozillanovell 10y ago Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly…
CVE-2016-2818 high 8.8 8.8 FIX slesdebian debian rhel mozillanovell 10y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and a…
CVE-2016-2815 high 8.8 8.8 FIX slesdebian debianubuntu ubuntu mozillanovell 10y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
CVE-2016-0376 high 8.1 8.1 slessuse suse rhel novellibmredhat 10y ago The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40…
CVE-2016-0363 high 8.1 8.1 slessuse suse rhel redhatnovellibm 10y ago The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.…
CVE-2016-4913 high 7.8 7.8 FIX slesdebian debianubuntu ubuntu novell 10y ago The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensit…
CVE-2016-4805 high 7.8 7.8 FIX slesdebian debian rhel novell 10y ago Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or pos…
CVE-2016-4486 low 3.3 4.3 EXPFIX slesdebian debianubuntu ubuntu novell 10y ago The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from …
CVE-2016-4485 high 7.5 7.5 FIX slesdebian debianubuntu ubuntu novell 10y ago The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack m…
CVE-2016-3672 high 7.8 8.8 EXPFIX slesdebian debiansuse suse novell 10y ago The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the int…
CVE-2016-3134 high 8.4 9.4 EXPFIX slesdebian debiansuse suse novell 10y ago The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) vi…
CVE-2016-1593 high 7.2 8.2 EXP novell 10y ago Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a …
CVE-2016-1954 high 8.8 8.8 FIX debian debiansuse suse mozillanovell 10y ago The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Sec…
CVE-2016-1953 high 8.8 8.8 FIX debian debiansuse suse mozillanovell 10y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
CVE-2016-1952 high 8.8 8.8 FIX debian debiansuse suse novellmozilla 10y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and a…
CVE-2016-1629 critical 9.8 9.8 debian debiansuse suse googlenovell 10y ago Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors.
CVE-2015-2743 high 7.5 suse suse mozillanovell 11y ago PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary …
CVE-2015-2740 critical 10.0 ubuntu ubuntudebian debiansuse suse mozillanovell 11y ago Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remot…
CVE-2015-2739 critical 10.0 ubuntu ubuntudebian debiansuse suse mozillanovell 11y ago The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has …
CVE-2015-2736 critical 9.3 ubuntu ubuntudebian debiansuse suse mozillanovell 11y ago The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which all…
CVE-2015-2735 critical 9.3 ubuntu ubuntudebian debiansuse suse mozillanovell 11y ago nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to …
CVE-2015-2726 critical 10.0 suse suse mozillanovell 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
CVE-2015-2725 critical 10.0 suse suse novellmozilla 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of servic…
CVE-2015-2724 critical 10.0 ubuntu ubuntudebian debiansuse suse mozillanovell 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cau…
CVE-2015-2722 critical 10.0 suse suse mozillanovell 11y ago Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbit…
CVE-2015-0779 critical 10.0 EXP novell 11y ago Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory …
CVE-2010-5324 critical 10.0 EXP novell 11y ago Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary cod…
CVE-2010-5323 critical 10.0 EXP novell 11y ago Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary cod…
CVE-2015-2716 high 7.5 suse suse mozillanovell 11y ago Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amou…
CVE-2015-2709 high 7.5 suse suse mozillanovell 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exe…
CVE-2015-2708 high 7.5 suse suse novellmozilla 11y ago Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of servic…
CVE-2014-3566 low 3.4 4.4 EXPFIX slesdebian debianfreebsd freebsd novellopensslibm 12y ago The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a pad…
CVE-2014-0610 critical 10.0 novell 12y ago The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer derefe…
CVE-2014-0600 high 7.8 novell 12y ago FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN…
CVE-2011-0993 low 2.1 novell 12y ago SUSE Lifecycle Management Server before 1.1 uses world readable postgres credentials, which allows local users to obtain sensitive information via unspecified vectors.
CVE-2014-0592 high 7.5 crowbarnovell 12y ago Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used in SUSE Cloud 3, does not enable netfilter on bridges when creating new instances, which allows remote attackers to bypass secur…
CVE-2014-1505 high 7.5 7.5 ubuntu ubuntudebian debiansuse suse mozillanovell 12y ago The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement…
CVE-2013-3709 high 7.2 novellsuse 13y ago WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file.
CVE-2012-0434 critical 10.0 novell 13y ago The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permissions for the production.log file, which has unspecified impact and attack vectors.
CVE-2012-0426 high 7.2 novell 13y ago Race condition in sap_suse_cluster_connector before 1.0.0-0.8.1 in SUSE Linux Enterprise for SAP Applications 11 SP2 allows local users to have an unspecified impact via vectors related to a tmp/ dir…
CVE-2013-6345 critical 10.0 novell 13y ago Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception."
CVE-2013-3956 high 8.2 EXP windows windows novell 13y ago The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows S…
CVE-2013-3697 high 7.2 windows windows novell 13y ago Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Wind…
CVE-2013-1092 high 7.2 novell 13y ago Multiple unquoted Windows search path vulnerabilities in Novell ZENworks Desktop Management (ZDM) 7 through 7.1 might allow local users to gain privileges via a Trojan horse "program" file in the C: …
CVE-2013-1091 critical 10.0 novell 13y ago Stack-based buffer overflow in Novell iPrint Client before 5.90 allows remote attackers to execute arbitrary code via unspecified vectors.
CVE-2013-3268 critical 10.0 novell 13y ago Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors.
CVE-2013-1085 critical 9.3 novell 13y ago Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrar…
CVE-2013-1083 critical 10.0 novell 13y ago Unspecified vulnerability in the login functionality in the Reporting Module in Novell Identity Manager (aka IDM) Roles Based Provisioning Module 4.0.2 before Field Patch C has unknown impact and att…
CVE-2013-1082 high 7.5 novell 13y ago Directory traversal vulnerability in DUSAP.php in Novell ZENworks Mobile Management before 2.7.1 allows remote attackers to include and execute arbitrary local files via the language parameter.
CVE-2013-1080 critical 10.0 EXP novell 13y ago The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to cond…
CVE-2013-1081 high 8.5 EXP novell 13y ago Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote attackers to include and execute arbitrary local files via the language parameter.
CVE-2013-0804 critical 10.0 EXP novell 14y ago The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via unspecif…
CVE-2012-0439 critical 10.0 EXP novell 14y ago An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code via (1) a pointer argument to the Set…
CVE-2012-0411 critical 10.0 novell 14y ago Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action.
CVE-2012-4959 critical 10.0 EXP novell 14y ago Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. (dot dot) in a FILE element of…
CVE-2012-4958 high 8.8 EXP novell 14y ago Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. (dot dot) in a FILE element of an …
CVE-2012-4957 high 8.8 EXP novell 14y ago Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an…
CVE-2012-4956 critical 10.0 EXP novell 14y ago Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record.
CVE-2012-4933 high 8.8 EXP novell 14y ago The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (…
CVE-2012-0418 critical 9.3 novell 14y ago Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 on Windows allows user-assisted remote attackers to execute arbitrary code via a c…
CVE-2012-0417 critical 10.0 novell 14y ago Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vect…
CVE-2012-0271 critical 10.0 EXP novell 14y ago Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitr…
CVE-2012-0421 low 2.1 novell 14y ago The SUSE Audit Log Keeper daemon before 0.2.1-0.4.6.1 for SUSE Manager and Spacewalk uses world-readable permissions for /etc/auditlog-keeper.conf, which allows local users to obtain passwords by rea…
CVE-2011-3176 critical 10.0 EXP novell 14y ago Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x4c request.
CVE-2011-3175 critical 10.0 EXP novell 14y ago Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request.
CVE-2011-4189 high 8.5 EXP novell 15y ago The client in Novell GroupWise 8.0x through 8.02HP3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via a long e-mail add…
CVE-2011-4187 critical 10.0 novell 15y ago Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different v…
CVE-2011-4186 critical 9.3 novell 15y ago Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a…
CVE-2011-4185 critical 10.0 novell 15y ago The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) …
CVE-2011-1710 high 7.5 novell 15y ago Multiple integer overflows in the HTTP server in the Novell XTier framework 3.1.8 allow remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via crafted he…
CVE-2011-2653 critical 10.0 EXP novell 15y ago Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file.
CVE-2011-3173 high 7.5 novell 15y ago Stack-based buffer overflow in the GetDriverSettings function in nipplib.dll in the iPrint client in Novell Open Enterprise Server 2 (aka OES2) SP3 allows remote attackers to execute arbitrary code v…
CVE-2011-2656 critical 9.3 novell 15y ago Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-…