Novell : Security Vulnerabilities, CVEs, (Gain Privilege) CVSS score >= 8
The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.
Max CVSS
8.1
EPSS Score
2.68%
Published
2016-06-27
Updated
2023-02-12
vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter.
Max CVSS
9.0
EPSS Score
1.00%
Published
2016-08-01
Updated
2017-09-03
Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.
Max CVSS
8.2
EPSS Score
0.07%
Published
2016-04-14
Updated
2017-11-04
Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors.
Max CVSS
10.0
EPSS Score
0.37%
Published
2013-04-24
Updated
2017-08-29
CVE-2013-1080
Public exploit
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to conduct directory traversal attacks, and consequently upload and execute arbitrary programs, via a request to TCP port 443.
Max CVSS
10.0
EPSS Score
89.50%
Published
2013-03-29
Updated
2013-12-13
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
Max CVSS
10.0
EPSS Score
1.99%
Published
2004-12-31
Updated
2017-07-29
6 vulnerabilities found