Filtered by vendor Novell
Subscribe
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-4933 | 1 Novell | 1 Zenworks Asset Management | 2026-04-29 | 7.8 HIGH | N/A |
| The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote attackers to obtain sensitive information via a crafted rtrlet/rtr request for the HandleMaintenanceCalls function. | |||||
| CVE-2010-4712 | 1 Novell | 1 Groupwise | 2026-04-29 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) characters or (2) crafted string data. | |||||
| CVE-2010-3110 | 2 Novell, Opensuse | 2 Suse Linux, Opensuse | 2026-04-29 | 7.2 HIGH | N/A |
| Multiple buffer overflows in the Novell Client novfs module for the Linux kernel in SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 allow local users to gain privileges via unspecified vectors. | |||||
| CVE-2011-0464 | 1 Novell | 1 Vibe Onprem | 2026-04-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
| CVE-2010-3108 | 1 Novell | 1 Iprint | 2026-04-29 | 9.3 HIGH | N/A |
| Buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code by using EMBED elements to pass parameters with long names. | |||||
| CVE-2003-1592 | 1 Novell | 2 Netware, Netware Ftp Server | 2026-04-29 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password. | |||||
| CVE-2011-0462 | 1 Novell | 1 Opensuse Build Service | 2026-04-29 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the login page in the webui component in SUSE openSUSE Build Service (OBS) before 2.1.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2002-2432 | 1 Novell | 2 Netware, Netware Ftp Server | 2026-04-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username. | |||||
| CVE-2010-0666 | 1 Novell | 1 Edirectory | 2026-04-29 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote attackers to cause a denial of service (crash) via unknown a crafted SOAP request, a different issue than CVE-2008-0926. | |||||
| CVE-2010-3105 | 1 Novell | 1 Iprint | 2026-04-29 | 9.3 HIGH | N/A |
| The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized memory location as a pointer value, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2012-0272 | 1 Novell | 1 Groupwise | 2026-04-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to inject arbitrary web script or HTML via the merge parameter. | |||||
| CVE-2011-3014 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2026-04-29 | 5.0 MEDIUM | N/A |
| The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching of HTTPS responses, which makes it easier for remote attackers to obtain sensitive information by leveraging an unattended workstation. | |||||
| CVE-2011-2225 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2026-04-29 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to have an unknown impact via a crafted directory pathname that is inserted into config.sh. | |||||
| CVE-2009-4654 | 2 Microsoft, Novell | 2 Windows, Edirectory | 2026-04-29 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk. | |||||
| CVE-2010-1930 | 1 Novell | 1 Imanager | 2026-04-29 | 5.0 MEDIUM | N/A |
| Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc. | |||||
| CVE-2011-3827 | 1 Novell | 1 Groupwise | 2026-04-29 | 4.3 MEDIUM | N/A |
| The iCalendar component in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 allows remote attackers to cause a denial of service (out-of-bounds read and daemon crash) via a crafted date-time string in a .ics attachment. | |||||
| CVE-2011-0466 | 1 Novell | 1 Opensuse Build Service | 2026-04-29 | 6.4 MEDIUM | N/A |
| The API in SUSE openSUSE Build Service (OBS) 2.0.x before 2.0.8 and 2.1.x before 2.1.6 allows attackers to bypass intended write-access restrictions and modify a (1) package or (2) project via unspecified vectors. | |||||
| CVE-2011-4186 | 2 Microsoft, Novell | 2 Windows, Iprint | 2026-04-29 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705. | |||||
| CVE-2010-4324 | 1 Novell | 2 Identity Manager, Identity Manager Roles Based Provisioning Module | 2026-04-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-1929 | 1 Novell | 1 Imanager | 2026-04-29 | 9.0 HIGH | N/A |
| Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc. | |||||