Vulnerabilities > Novell

DATE CVE VULNERABILITY TITLE RISK
2020-01-31 CVE-2015-6815 Infinite Loop vulnerability in multiple products
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.
2.7
2020-01-25 CVE-2012-6345 User Enumeration Information Disclosure vulnerability in Cyber-Ark Vault
Novell ZENworks Configuration Management before 11.2.4 allows obtaining sensitive trace information.
network
low complexity
novell
5.0
2020-01-25 CVE-2012-6344 Cross-Site Scripting vulnerability in Novell Zenworks Configuration Management
Novell ZENworks Configuration Management before 11.2.4 allows XSS.
network
novell CWE-79
4.3
2019-12-31 CVE-2013-4357 Classic Buffer Overflow vulnerability in multiple products
The eglibc package before 2.14 incorrectly handled the getaddrinfo() function.
5.0
2019-12-30 CVE-2013-2016 Improper Privilege Management vulnerability in multiple products
A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device.
6.9
2018-03-02 CVE-2017-9277 Unspecified vulnerability in Novell Edirectory
The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA.
network
low complexity
novell
5.0
2018-03-02 CVE-2017-9267 Unspecified vulnerability in Novell Edirectory
In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations.
network
low complexity
novell
5.0
2017-10-04 CVE-2017-14491 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products
Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.
network
low complexity
canonical debian novell redhat thekelleys CWE-119
7.5
2017-10-03 CVE-2017-14496 Integer Underflow (Wrap OR Wraparound) vulnerability in multiple products
Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.
7.8
2017-10-03 CVE-2017-14495 Missing Release of Resource After Effective Lifetime vulnerability in multiple products
Memory leak in dnsmasq before 2.78, when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service (memory consumption) via vectors involving DNS response creation.
network
low complexity
canonical debian novell redhat thekelleys CWE-772
5.0