Filtered by vendor Novell
Subscriptions
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-6735 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session. | ||||
| CVE-2007-6734 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors. | ||||
| CVE-2012-0272 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to inject arbitrary web script or HTML via the merge parameter. | ||||
| CVE-2012-0271 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Integer overflow in the WebConsole component in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before 8.0.3 HP1 and 2012 before SP1 might allow remote attackers to execute arbitrary code via a crafted request that triggers a heap-based buffer overflow, as demonstrated by a request with -1 in the Content-Length HTTP header. | ||||
| CVE-2011-2650 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted pattern name that is included in an RPM info display. | ||||
| CVE-2011-2649 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2025-04-11 | N/A |
| Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to execute arbitrary commands via shell metacharacters in an unspecified FileUtils function call. | ||||
| CVE-2011-4194 | 2 Linux, Novell | 2 Linux Kernel, Open Enterprise Server | 2025-04-11 | N/A |
| Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field. | ||||
| CVE-2011-3827 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| The iCalendar component in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted date-time string in a .ics attachment. | ||||
| CVE-2011-2645 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2025-04-11 | N/A |
| Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename for a custom RPM. | ||||
| CVE-2010-2778 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a "Javascript XSS exploit." | ||||
| CVE-2011-3176 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x4c request. | ||||
| CVE-2010-2068 | 5 Apache, Ibm, Microsoft and 2 more | 5 Http Server, Os2, Windows and 2 more | 2025-04-11 | N/A |
| mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and 2.3.5-alpha on Windows, NetWare, and OS/2, in certain configurations involving proxy worker pools, does not properly detect timeouts, which allows remote attackers to obtain a potentially sensitive response intended for a different client in opportunistic circumstances via a normal HTTP request. | ||||
| CVE-2011-3175 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-11 | N/A |
| Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request. | ||||
| CVE-2011-5028 | 1 Novell | 1 Sentinel Log Manager | 2025-04-11 | N/A |
| Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter. | ||||
| CVE-2011-3173 | 1 Novell | 1 Iprint Open Enterprise Server 2 | 2025-04-11 | N/A |
| Stack-based buffer overflow in the GetDriverSettings function in nipplib.dll in the iPrint client in Novell Open Enterprise Server 2 (aka OES2) SP3 allows remote attackers to execute arbitrary code via a long (1) hostname or (2) port field. | ||||
| CVE-2010-0625 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command. | ||||
| CVE-2012-0410 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter. | ||||
| CVE-2012-0418 | 2 Microsoft, Novell | 2 Windows, Groupwise | 2025-04-11 | N/A |
| Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted file. | ||||
| CVE-2010-4227 | 1 Novell | 1 Netware | 2025-04-11 | N/A |
| The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow. | ||||
| CVE-2011-2750 | 1 Novell | 1 File Reporter | 2025-04-11 | N/A |
| NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote attackers to delete arbitrary files via a full pathname in an SRS OPERATION 4 CMD 5 request to /FSF/CMD. | ||||