Filtered by vendor Novell
Subscribe
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2009-4653 | 2 Microsoft, Novell | 2 Windows, Edirectory | 2026-04-29 | 9.0 HIGH | N/A |
| Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:. | |||||
| CVE-2011-4191 | 1 Novell | 1 Netware | 2026-04-29 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets. | |||||
| CVE-2011-2652 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2026-04-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted archive file list that is used in an overlay file. | |||||
| CVE-2010-1527 | 1 Novell | 1 Iprint | 2026-04-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action. | |||||
| CVE-2009-4878 | 1 Novell | 1 Access Manager | 2026-04-29 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Administration Console in Novell Access Manager before 3.1 SP1 allows attackers to access system files via unknown attack vectors. | |||||
| CVE-2013-0804 | 1 Novell | 1 Groupwise | 2026-04-29 | 10.0 HIGH | N/A |
| The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via unspecified vectors. | |||||
| CVE-2011-1707 | 1 Novell | 1 Iprint | 2026-04-29 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url. | |||||
| CVE-2011-2657 | 1 Novell | 1 Zenworks Configuration Management | 2026-04-29 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote attackers to execute arbitrary commands via a pathname in the first argument. | |||||
| CVE-2010-2779 | 1 Novell | 1 Groupwise | 2026-04-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to "replies." | |||||
| CVE-2011-0742 | 1 Novell | 1 Zenworks Handheld Management | 2026-04-29 | 10.0 HIGH | N/A |
| Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400. | |||||
| CVE-2011-2656 | 1 Novell | 1 Zenworks Handheld Management | 2026-04-29 | 9.3 HIGH | N/A |
| Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2655. | |||||
| CVE-2007-6735 | 1 Novell | 2 Netware, Netware Ftp Server | 2026-04-29 | 7.5 HIGH | N/A |
| NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session. | |||||
| CVE-2011-2647 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2026-04-29 | 7.5 HIGH | N/A |
| Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted archive name in the list of testdrive modified files. | |||||
| CVE-2010-4254 | 2 Mono, Novell | 2 Mono, Moonlight | 2026-04-29 | 7.5 HIGH | N/A |
| Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call. | |||||
| CVE-2002-2434 | 1 Novell | 2 Netware, Netware Ftp Server | 2026-04-29 | 5.0 MEDIUM | N/A |
| NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions. | |||||
| CVE-2010-1507 | 1 Novell | 2 Suse Linux, Webyast Appliance | 2026-04-29 | 5.0 MEDIUM | N/A |
| WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliance's image, which allows remote attackers to spoof session cookies by leveraging knowledge of this key. | |||||
| CVE-2011-2644 | 2 Marcus Schafer, Novell | 2 Kiwi, Suse Studio Onsite | 2026-04-29 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an RPM info display. | |||||
| CVE-2003-1596 | 1 Novell | 2 Netware, Netware Ftp Server | 2026-04-29 | 7.5 HIGH | N/A |
| NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session. | |||||
| CVE-2013-1083 | 1 Novell | 1 Identity Manager Roles Based Provisioning Module | 2026-04-29 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the login functionality in the Reporting Module in Novell Identity Manager (aka IDM) Roles Based Provisioning Module 4.0.2 before Field Patch C has unknown impact and attack vectors. | |||||
| CVE-2011-3013 | 1 Novell | 2 Data Synchronizer, Mobility Pack | 2026-04-29 | 5.0 MEDIUM | N/A |
| WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 supports weak SSL ciphers, which makes it easier for remote attackers to obtain access via a brute-force attack. | |||||