Filtered by vendor Novell
Subscriptions
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2015-0780 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-20 | N/A |
| SQL injection vulnerability in the GetReRequestData method of the GetStoredResult class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
| CVE-2015-0783 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-20 | N/A |
| The FileViewer class in Novell ZENworks Configuration Management (ZCM) allows remote authenticated users to read arbitrary files via the filename variable. | ||||
| CVE-2015-0785 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-20 | N/A |
| com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZENworks Configuration Management (ZCM) allows remote attackers to read arbitrary folders via the dirname variable. | ||||
| CVE-2015-5219 | 10 Canonical, Debian, Fedoraproject and 7 more | 21 Ubuntu Linux, Debian Linux, Fedora and 18 more | 2025-04-20 | 7.5 High |
| The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. | ||||
| CVE-2017-13704 | 6 Canonical, Debian, Fedoraproject and 3 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2025-04-20 | N/A |
| In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash. | ||||
| CVE-2017-14492 | 5 Canonical, Debian, Novell and 2 more | 9 Ubuntu Linux, Debian Linux, Leap and 6 more | 2025-04-20 | N/A |
| Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted IPv6 router advertisement request. | ||||
| CVE-2017-14494 | 5 Canonical, Debian, Novell and 2 more | 9 Ubuntu Linux, Debian Linux, Leap and 6 more | 2025-04-20 | N/A |
| dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. | ||||
| CVE-2017-14495 | 5 Canonical, Debian, Novell and 2 more | 8 Ubuntu Linux, Debian Linux, Leap and 5 more | 2025-04-20 | N/A |
| Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation. | ||||
| CVE-2017-14496 | 6 Canonical, Debian, Google and 3 more | 9 Ubuntu Linux, Debian Linux, Android and 6 more | 2025-04-20 | N/A |
| Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. | ||||
| CVE-2017-7995 | 3 Novell, Suse, Xen | 6 Suse Linux Enterprise Point Of Sale, Suse Linux Enterprise Server, Manager and 3 more | 2025-04-20 | N/A |
| Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL. | ||||
| CVE-2017-7430 | 2 Netiq, Novell | 2 Imanager, Imanager | 2025-04-20 | N/A |
| Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework. | ||||
| CVE-2017-7431 | 2 Netiq, Novell | 2 Imanager, Imanager | 2025-04-20 | N/A |
| Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management. | ||||
| CVE-2016-9961 | 5 Fedoraproject, Game-music-emu Project, Novell and 2 more | 7 Fedora, Game-music-emu, Suse Linux Enterprise Desktop and 4 more | 2025-04-20 | N/A |
| game-music-emu before 0.6.1 mishandles unspecified integer values. | ||||
| CVE-2016-5747 | 1 Novell | 1 Edirectory | 2025-04-20 | N/A |
| A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies. | ||||
| CVE-2016-5759 | 2 Novell, Opensuse | 3 Suse Linux Enterprise Desktop, Suse Linux Enterprise Server, Leap | 2025-04-20 | N/A |
| The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root. | ||||
| CVE-2016-5762 | 1 Novell | 1 Groupwise | 2025-04-20 | N/A |
| Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remote attackers to execute arbitrary code via a long (1) username or (2) password, which triggers a heap-based buffer overflow. | ||||
| CVE-2016-1603 | 1 Novell | 1 Netiq Idm Servicenow Driver | 2025-04-20 | N/A |
| An information leak in the NetIQ IDM ServiceNow Driver before 1.0.0.1 could expose cryptographic attributes to logged-in users. | ||||
| CVE-2015-0781 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-20 | N/A |
| Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to upload and execute arbitrary files via unspecified vectors. | ||||
| CVE-2015-0784 | 1 Novell | 1 Zenworks Configuration Management | 2025-04-20 | N/A |
| Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable. | ||||
| CVE-2017-7432 | 2 Netiq, Novell | 2 Imanager, Imanager | 2025-04-20 | N/A |
| Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability. | ||||