Vulnerabilities > Novell
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-08-09 | CVE-2015-0782 | SQL Injection vulnerability in Novell Zenworks Configuration Management SQL injection vulnerability in the ScheduleQuery method of the schedule class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
2017-08-09 | CVE-2015-0781 | Path Traversal vulnerability in Novell Zenworks Configuration Management Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to upload and execute arbitrary files via unspecified vectors. | 9.8 |
2017-08-09 | CVE-2015-0780 | SQL Injection vulnerability in Novell Zenworks Configuration Management SQL injection vulnerability in the GetReRequestData method of the GetStoredResult class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 9.8 |
2017-07-21 | CVE-2015-5219 | Incorrect Type Conversion or Cast vulnerability in multiple products The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet. | 7.5 |
2017-07-06 | CVE-2017-8932 | Incorrect Calculation vulnerability in multiple products A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. | 5.9 |
2017-06-19 | CVE-2017-1000366 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. | 7.8 |
2017-06-06 | CVE-2016-9961 | Numeric Errors vulnerability in multiple products game-music-emu before 0.6.1 mishandles unspecified integer values. network low complexity game-music-emu-project fedoraproject opensuse-project opensuse novell CWE-189 critical | 9.8 |
2017-06-06 | CVE-2016-9960 | Divide By Zero vulnerability in multiple products game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash). | 5.5 |
2017-05-03 | CVE-2017-7995 | Information Exposure vulnerability in multiple products Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. | 3.8 |
2017-05-03 | CVE-2017-7432 | Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability. | 9.8 |