Filtered by vendor Novell
Subscriptions
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2434 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions. | ||||
| CVE-2011-2646 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2025-04-11 | N/A |
| Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename in the list of testdrive modified files. | ||||
| CVE-2011-2647 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2025-04-11 | N/A |
| Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted archive name in the list of testdrive modified files. | ||||
| CVE-2013-3704 | 1 Novell | 1 Libzypp | 2025-04-11 | N/A |
| The RPM GPG key import and handling feature in libzypp 12.15.0 and earlier reports a different key fingerprint than the one used to sign a repository when multiple key blobs are used, which might allow remote attackers to trick users into believing that the repository was signed by a more-trustworthy key. | ||||
| CVE-2010-4716 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-4714 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent. | ||||
| CVE-2003-1592 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password. | ||||
| CVE-2003-1593 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection. | ||||
| CVE-2003-1595 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors. | ||||
| CVE-2003-1596 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session. | ||||
| CVE-2010-1507 | 1 Novell | 2 Suse Linux, Webyast Appliance | 2025-04-11 | N/A |
| WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliance's image, which allows remote attackers to spoof session cookies by leveraging knowledge of this key. | ||||
| CVE-2010-4713 | 1 Novell | 1 Groupwise | 2025-04-11 | N/A |
| Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header. | ||||
| CVE-2013-1088 | 1 Novell | 1 Imanager | 2025-04-11 | N/A |
| Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container. | ||||
| CVE-2010-1929 | 1 Novell | 1 Imanager | 2025-04-11 | N/A |
| Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc. | ||||
| CVE-2011-4191 | 1 Novell | 1 Netware | 2025-04-11 | N/A |
| Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets. | ||||
| CVE-2010-3105 | 1 Novell | 1 Iprint | 2025-04-11 | N/A |
| The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized memory location as a pointer value, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2000-1245 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-11 | N/A |
| Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors. | ||||
| CVE-2012-0411 | 1 Novell | 1 Iprint | 2025-04-11 | N/A |
| Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action. | ||||
| CVE-2011-3014 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2025-04-11 | N/A |
| The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching of HTTPS responses, which makes it easier for remote attackers to obtain sensitive information by leveraging an unattended workstation. | ||||
| CVE-2011-2221 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2025-04-11 | N/A |
| The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecified vectors. | ||||