Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception."
Max CVSS
10.0
EPSS Score
0.21%
Published
2013-11-02
Updated
2013-11-05
Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors.
Max CVSS
10.0
EPSS Score
0.37%
Published
2013-04-24
Updated
2017-08-29
Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 do not properly initialize pointer arrays, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
Max CVSS
10.0
EPSS Score
4.03%
Published
2013-04-10
Updated
2018-10-30
Stack-based buffer overflow in Novell iPrint Client before 5.90 allows remote attackers to execute arbitrary code via unspecified vectors.
Max CVSS
10.0
EPSS Score
68.51%
Published
2013-05-02
Updated
2015-10-08
Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter.
Max CVSS
9.3
EPSS Score
27.69%
Published
2013-03-29
Updated
2013-03-29
Unspecified vulnerability in the login functionality in the Reporting Module in Novell Identity Manager (aka IDM) Roles Based Provisioning Module 4.0.2 before Field Patch C has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.23%
Published
2013-03-29
Updated
2013-04-02

CVE-2013-1080

Public exploit
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to conduct directory traversal attacks, and consequently upload and execute arbitrary programs, via a request to TCP port 443.
Max CVSS
10.0
EPSS Score
89.50%
Published
2013-03-29
Updated
2013-12-13
The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via unspecified vectors.
Max CVSS
10.0
EPSS Score
51.24%
Published
2013-02-24
Updated
2013-02-25

CVE-2012-0439

Public exploit
An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code via (1) a pointer argument to the SetEngine method or (2) an XPItem pointer argument to an unspecified method.
Max CVSS
9.3
EPSS Score
96.03%
Published
2013-02-24
Updated
2013-02-25
The server in Crowbar, as used in SUSE Cloud 1.0, uses weak permissions for the production.log file, which has unspecified impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.45%
Published
2013-12-02
Updated
2014-03-04
10 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!