Export limit exceeded: 324789 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 324789 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (675 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-4557 | 1 Novell | 1 Groupwise Webaccess | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the webacc servlet in Novell GroupWise 6.5 WebAccess allows remote attackers to inject arbitrary web script or HTML via the User.Id parameter, as demonstrated by a URL within a url field in a STYLE element, possibly due to an incomplete fix for CVE-2004-2103.2. | ||||
| CVE-2008-5095 | 1 Novell | 2 Identity Manager Roles Based Provisioning Module, User Application | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in the Novell User Application 3.0.1, 3.5.0, and 3.5.1; and Identity Manager Roles Based Provisioning Module 3.6.0 and 3.6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2006-6450 | 1 Novell | 1 Zenworks Patch Management Server | 2025-04-09 | N/A |
| Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters. | ||||
| CVE-2006-6443 | 1 Novell | 1 Client | 2025-04-09 | N/A |
| Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors. | ||||
| CVE-2007-6701 | 2 Microsoft, Novell | 2 Windows, Client | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in the Spooler service (nwspool.dll) in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954. | ||||
| CVE-2007-5665 | 1 Novell | 1 Zenworks Endpoint Security Management | 2025-04-09 | N/A |
| STEngine.exe 3.5.0.20 in Novell ZENworks Endpoint Security Management (ESM) 3.5, and other ESM versions before 3.5.0.82, dynamically creates scripts in a world-writable directory when generating diagnostic reports, which allows local users to gain privileges, as demonstrated by creating a cmd.exe binary in the diagnostic report directory. | ||||
| CVE-2007-5667 | 2 Microsoft, Novell | 5 Windows 2000, Windows 2003 Server, Windows Server 2003 and 2 more | 2025-04-09 | N/A |
| NWFILTER.SYS in Novell Client 4.91 SP 1 through SP 4 for Windows 2000, XP, and Server 2003 makes the \.\nwfilter device available for arbitrary user-mode input via METHOD_NEITHER IOCTLs, which allows local users to gain privileges by passing a kernel address as an argument and overwriting kernel memory locations. | ||||
| CVE-2007-5702 | 1 Novell | 1 Opensuse Swamp | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in swamp/action/LoginActions (aka the login box) in the Novell OpenSUSE SWAMP Workflow Administration and Management Platform 1.x allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-6716 | 7 Canonical, Debian, Linux and 4 more | 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more | 2025-04-09 | 5.5 Medium |
| fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test. | ||||
| CVE-2007-1350 | 1 Novell | 1 Netmail | 2025-04-09 | N/A |
| Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execute arbitrary code via a long username during HTTP Basic authentication. | ||||
| CVE-2009-3547 | 8 Canonical, Fedoraproject, Linux and 5 more | 17 Ubuntu Linux, Fedora, Linux Kernel and 14 more | 2025-04-09 | 7.0 High |
| Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname. | ||||
| CVE-2006-6425 | 1 Novell | 1 Netmail | 2025-04-09 | N/A |
| Stack-based buffer overflow in the IMAP daemon (IMAPD) in Novell NetMail before 3.52e FTF2 allows remote authenticated users to execute arbitrary code via unspecified vectors involving the APPEND command. | ||||
| CVE-2009-0192 | 1 Novell | 1 Edirectory | 2025-04-09 | N/A |
| Off-by-one error in the iMonitor component in Novell eDirectory 8.8 SP3, 8.8 SP3 FTF3, and possibly other versions allows remote attackers to execute arbitrary code via an HTTP request with a crafted Accept-Language header, which triggers a stack-based buffer overflow. | ||||
| CVE-2009-2848 | 8 Canonical, Fedoraproject, Linux and 5 more | 15 Ubuntu Linux, Fedora, Linux Kernel and 12 more | 2025-04-09 | N/A |
| The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit. | ||||
| CVE-2006-6299 | 1 Novell | 1 Zenworks Asset Management | 2025-04-09 | N/A |
| Integer overflow in Msg.dll in Novell ZENworks 7 Asset Management (ZAM) before SP1 IR11 and the Collection client allows remote attackers to execute arbitrary code via crafted packets, which trigger a heap-based buffer overflow. | ||||
| CVE-2009-0410 | 1 Novell | 1 Groupwise | 2025-04-09 | N/A |
| Off-by-one error in the SMTP daemon in GroupWise Internet Agent (GWIA) in Novell GroupWise 6.5x, 7.0, 7.01, 7.02, 7.03, 7.03HP1a, and 8.0 allows remote attackers to execute arbitrary code via a long e-mail address in a malformed RCPT command, leading to a buffer overflow. | ||||
| CVE-2006-5814 | 1 Novell | 1 Edirectory | 2025-04-09 | N/A |
| Unspecified vulnerability in Novell eDirectory allows remote attackers to execute arbitrary code, as demonstrated by vd_novell.pm, a "Novell eDirectory remote exploit." NOTE: As of 20061108, this disclosure has no actionable information. However, since it is from a reliable researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
| CVE-2008-2703 | 1 Novell | 1 Groupwise Messenger | 2025-04-09 | N/A |
| Multiple stack-based buffer overflows in Novell GroupWise Messenger (GWIM) Client before 2.0.3 HP1 for Windows allow remote attackers to execute arbitrary code via "spoofed server responses" that contain a long string after the NM_A_SZ_TRANSACTION_ID field name. | ||||
| CVE-2007-5762 | 1 Novell | 1 Netware Client | 2025-04-09 | N/A |
| NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \\.\nicm device and providing crafted kernel addresses via IOCTLs with the METHOD_NEITHER buffering mode. | ||||
| CVE-2006-5229 | 2 Novell, Openbsd | 2 Suse Linux, Openssh | 2025-04-09 | N/A |
| OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote attackers to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as demonstrated by sshtime. NOTE: as of 20061014, it appears that this issue is dependent on the use of manually-set passwords that causes delays when processing /etc/shadow due to an increased number of rounds. | ||||