Filtered by vendor Novell
Subscribe
Total
675 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-1065 | 1 Novell | 1 Linux Desktop | 2025-04-03 | 2.1 LOW | N/A |
| tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory. | |||||
| CVE-2002-1438 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option. | |||||
| CVE-2005-3655 | 1 Novell | 1 Open Enterprise Server | 2025-04-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attackers to execute arbitrary code via an HTTP POST request with a negative Content-Length parameter. | |||||
| CVE-2003-0637 | 1 Novell | 1 Ichain | 2025-04-03 | 5.0 MEDIUM | N/A |
| Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing. | |||||
| CVE-2005-1730 | 1 Novell | 1 Imanager | 2025-04-03 | 9.3 HIGH | N/A |
| Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, or CVE-2004-0112. | |||||
| CVE-2006-3817 | 1 Novell | 1 Groupwise Webaccess | 2025-04-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via an encoded SCRIPT element in an e-mail message with the UTF-7 character set, as demonstrated by the "+ADw-SCRIPT+AD4-" sequence. | |||||
| CVE-1999-0470 | 1 Novell | 1 Netware | 2025-04-03 | 5.0 MEDIUM | N/A |
| A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted. | |||||
| CVE-2002-2096 | 1 Novell | 1 Netware | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password. | |||||
| CVE-2004-2554 | 1 Novell | 1 Client Firewall | 2025-04-03 | 7.2 HIGH | N/A |
| Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges. | |||||
| CVE-2005-0797 | 1 Novell | 1 Ichain | 2025-04-03 | 5.0 MEDIUM | N/A |
| Novell iChain Mini FTP Server 2.3 displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks. | |||||
| CVE-2005-2804 | 1 Novell | 1 Groupwise | 2025-04-03 | 5.0 MEDIUM | N/A |
| Integer overflow in the registry parsing code in GroupWise 6.5.3, and possibly earlier version, allows remote attackers to cause a denial of service (application crash) via a large TCP/IP port in the Windows registry key. | |||||
| CVE-2006-1322 | 1 Novell | 2 Netware, Netware Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow. | |||||
| CVE-2001-1232 | 1 Novell | 1 Groupwise | 2025-04-03 | 5.0 MEDIUM | N/A |
| GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get". | |||||
| CVE-2006-0803 | 2 Novell, Suse | 2 Suse Linux, Suse Linux | 2025-04-03 | 5.0 MEDIUM | N/A |
| The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used. | |||||
| CVE-2005-1761 | 2 Novell, Suse | 3 Linux Desktop, Open Enterprise Server, Suse Linux | 2025-04-03 | 2.1 LOW | N/A |
| Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function. | |||||
| CVE-2002-2083 | 1 Novell | 1 Netware | 2025-04-03 | 2.1 LOW | N/A |
| The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen. | |||||
| CVE-2005-1040 | 1 Novell | 1 Linux Desktop | 2025-04-03 | 7.2 HIGH | N/A |
| Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to "User input [being] passed to network scripts without verification." | |||||
| CVE-2002-1754 | 1 Novell | 1 Netware Client | 2025-04-03 | 2.1 LOW | N/A |
| Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname. | |||||
| CVE-2004-2734 | 1 Novell | 1 Netware | 2025-04-03 | 10.0 HIGH | N/A |
| webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder. | |||||
| CVE-2004-2582 | 1 Novell | 1 Ichain | 2025-04-03 | 5.0 MEDIUM | N/A |
| Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information. | |||||