Vulnerabilities > Novell
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-02 | CVE-2017-9277 | Unspecified vulnerability in Novell Edirectory The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA. | 7.5 |
| 2018-03-02 | CVE-2017-9267 | Unspecified vulnerability in Novell Edirectory In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations. | 7.5 |
| 2017-10-03 | CVE-2017-14496 | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request. | 7.5 |
| 2017-10-03 | CVE-2017-14494 | Information Exposure vulnerability in multiple products dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests. | 5.9 |
| 2017-10-03 | CVE-2017-13704 | Improper Input Validation vulnerability in multiple products In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. | 7.5 |
| 2017-09-08 | CVE-2016-5759 | Improper Input Validation vulnerability in multiple products The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root. | 7.8 |
| 2017-08-09 | CVE-2015-0786 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Novell Zenworks Configuration Management Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |
| 2017-08-09 | CVE-2015-0785 | Information Exposure vulnerability in Novell Zenworks Configuration Management com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZENworks Configuration Management (ZCM) allows remote attackers to read arbitrary folders via the dirname variable. | 7.5 |
| 2017-08-09 | CVE-2015-0784 | Information Exposure vulnerability in Novell Zenworks Configuration Management Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable. | 7.5 |
| 2017-08-09 | CVE-2015-0783 | Information Exposure vulnerability in Novell Zenworks Configuration Management The FileViewer class in Novell ZENworks Configuration Management (ZCM) allows remote authenticated users to read arbitrary files via the filename variable. | 6.5 |