Filtered by vendor Novell
Subscribe
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-1150 | 1 Novell | 2 Netware, Zenworks Desktops | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. | |||||
| CVE-2005-2804 | 1 Novell | 1 Groupwise | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer overflow in the registry parsing code in GroupWise 6.5.3, and possibly earlier version, allows remote attackers to cause a denial of service (application crash) via a large TCP/IP port in the Windows registry key. | |||||
| CVE-2005-0744 | 1 Novell | 1 Ichain | 2025-04-03 | 10.0 HIGH | N/A |
| The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers to hijack sessions and gain administrator privileges by (1) sniffing the connection on TCP port 51100 and replaying the authentication information or (2) obtaining and replaying the PCZQX02 authentication cookie from the browser. | |||||
| CVE-2004-2582 | 1 Novell | 1 Ichain | 2025-04-03 | 5.0 MEDIUM | N/A |
| Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2006-0997 | 1 Novell | 2 Netware, Open Enterprise Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic. | |||||
| CVE-2000-0591 | 1 Novell | 1 Bordermanager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Novell BorderManager 3.0 and 3.5 allows remote attackers to bypass URL filtering by encoding characters in the requested URL. | |||||
| CVE-2006-3817 | 1 Novell | 1 Groupwise Webaccess | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via an encoded SCRIPT element in an e-mail message with the UTF-7 character set, as demonstrated by the "+ADw-SCRIPT+AD4-" sequence. | |||||
| CVE-2004-2105 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter. | |||||
| CVE-2005-1763 | 2 Novell, Suse | 2 Linux Desktop, Suse Linux | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory. | |||||
| CVE-2002-0997 | 1 Novell | 2 Netmail, Netmail Xe | 2025-04-03 | 5.0 MEDIUM | N/A |
| Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service. | |||||
| CVE-2004-2734 | 1 Novell | 1 Netware | 2025-04-03 | 10.0 HIGH | N/A |
| webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder. | |||||
| CVE-1999-0470 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted. | |||||
| CVE-2005-4790 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2025-04-03 | 6.9 MEDIUM | N/A |
| Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions. | |||||
| CVE-2005-2276 | 1 Novell | 1 Groupwise Webaccess | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. "jAvascript" in an IMG tag. | |||||
| CVE-2000-0257 | 1 Novell | 1 Netware | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL. | |||||
| CVE-2000-0793 | 2 Novell, Symantec | 2 Client, Norton Antivirus | 2025-04-03 | 10.0 HIGH | N/A |
| Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system. | |||||
| CVE-2001-1233 | 1 Novell | 2 Groupwise Webaccess, Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm. | |||||
| CVE-2002-0791 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length. | |||||
| CVE-2001-0486 | 1 Novell | 1 Bordermanager | 2025-04-03 | 5.0 MEDIUM | N/A |
| Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353. | |||||
| CVE-2005-1730 | 1 Novell | 1 Imanager | 2025-04-03 | 9.3 HIGH | N/A |
| Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, or CVE-2004-0112. | |||||