CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Novell : Security Vulnerabilities (Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2015-4588 119 DoS Exec Code Overflow 2015-07-01 2015-07-02
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the DecodeImage function in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted "run-length count" in an image in a WMF file.
2 CVE-2015-2717 189 DoS Exec Code Overflow 2015-05-14 2015-06-30
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in libstagefright in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and out-of-bounds read) via an MP4 video file containing invalid metadata.
3 CVE-2015-2715 362 DoS Exec Code Mem. Corr. 2015-05-14 2015-07-27
6.8
None Remote Medium Not required Partial Partial Partial
Race condition in the nsThreadManager::RegisterCurrentThread function in Mozilla Firefox before 38.0 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and heap memory corruption) by leveraging improper Media Decoder Thread creation at the time of a shutdown.
4 CVE-2015-2713 DoS Exec Code Mem. Corr. 2015-05-14 2015-07-28
6.8
None Remote Medium Not required Partial Partial Partial
Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.
5 CVE-2015-2712 119 Exec Code Overflow +Info 2015-05-14 2015-07-28
7.5
None Remote Low Not required Partial Partial Partial
The asm.js implementation in Mozilla Firefox before 38.0 does not properly determine heap lengths during identification of cases in which bounds checking may be safely skipped, which allows remote attackers to trigger out-of-bounds write operations and possibly execute arbitrary code, or trigger out-of-bounds read operations and possibly obtain sensitive information from process memory, via crafted JavaScript.
6 CVE-2015-2710 119 Exec Code Overflow 2015-05-14 2015-07-28
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.
7 CVE-2015-2709 DoS Exec Code Mem. Corr. 2015-05-14 2015-06-25
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
8 CVE-2015-2708 DoS Exec Code Mem. Corr. 2015-05-14 2015-07-28
7.5
None Remote Low Not required Partial Partial Partial
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
9 CVE-2015-2331 189 DoS Exec Code Overflow 2015-03-30 2015-04-13
7.5
None Remote Low Not required Partial Partial Partial
Integer overflow in the _zip_cdir_new function in zip_dirent.c in libzip 0.11.2 and earlier, as used in the ZIP extension in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a ZIP archive that contains many entries, leading to a heap-based buffer overflow.
10 CVE-2015-2305 189 Exec Code Overflow 2015-03-30 2015-06-03
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow.
11 CVE-2015-1182 DoS Exec Code 2015-01-27 2015-04-17
7.5
None Remote Low Not required Partial Partial Partial
The asn1_get_sequence_of function in library/asn1parse.c in PolarSSL 1.0 through 1.2.12 and 1.3.x through 1.3.9 does not properly initialize a pointer in the asn1_sequence linked list, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted ASN.1 sequence in a certificate.
12 CVE-2015-0848 119 DoS Exec Code Overflow 2015-07-01 2015-07-02
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in libwmf 0.2.8.4 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted BMP image.
13 CVE-2015-0779 22 Exec Code Dir. Trav. 2015-06-07 2015-06-08
10.0
None Remote Low Not required Complete Complete Complete
Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323 and CVE-2010-5324.
14 CVE-2015-0778 77 Exec Code 2015-03-16 2015-04-09
7.5
None Remote Low Not required Partial Partial Partial
osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters in a _service file.
15 CVE-2015-0240 17 Exec Code 2015-02-23 2015-05-11
10.0
None Remote Low Not required Complete Complete Complete
The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.
16 CVE-2014-9462 20 Exec Code 2015-03-31 2015-04-01
7.5
None Remote Low Not required Partial Partial Partial
The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.
17 CVE-2014-8158 119 DoS Exec Code Overflow 2015-01-26 2015-04-02
6.8
None Remote Medium Not required Partial Partial Partial
Multiple stack-based buffer overflows in jpc_qmfb.c in JasPer 1.900.1 and earlier allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image.
18 CVE-2014-8157 189 DoS Exec Code Overflow 2015-01-26 2015-04-02
7.5
None Remote Low Not required Partial Partial Partial
Off-by-one error in the jpc_dec_process_sot function in JasPer 1.900.1 and earlier allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted JPEG 2000 image, which triggers a heap-based buffer overflow.
19 CVE-2014-8154 119 DoS Exec Code Overflow 2015-01-27 2015-01-28
7.5
None Remote Low Not required Partial Partial Partial
The Gst.MapInfo function in Vala 0.26.0 and 0.26.1 uses an incorrect buffer length declaration for the Gstreamer bindings, which allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via unspecified vectors, which trigger a heap-based buffer overflow.
20 CVE-2014-8148 264 Exec Code 2015-01-26 2015-03-05
7.2
Admin Local Low Not required Complete Complete Complete
The default D-Bus access control rule in Midgard2 10.05.7.1 allows local users to send arbitrary method calls or signals to any process on the system bus and possibly execute arbitrary code with root privileges.
21 CVE-2014-7817 20 Exec Code 2014-11-24 2015-03-17
4.6
None Local Low Not required Partial Partial Partial
The wordexp function in GNU C Library (aka glibc) 2.21 does not enforce the WRDE_NOCMD flag, which allows context-dependent attackers to execute arbitrary commands, as demonstrated by input containing "$((`...`))".
22 CVE-2014-4509 Exec Code 2014-06-21 2014-06-23
4.6
None Local Low Not required Partial Partial Partial
The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters.
23 CVE-2014-3693 DoS Exec Code 2014-11-07 2015-03-17
7.5
None Remote Low Not required Partial Partial Partial
Use-after-free vulnerability in the socket manager of Impress Remote in LibreOffice 4.x before 4.2.7 and 4.3.x before 4.3.3 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted request to TCP port 1599.
24 CVE-2014-2913 Exec Code 2014-05-07 2014-06-05
7.5
None Remote Low Not required Partial Partial Partial
** DISPUTED ** Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor (NRPE) 2.15 and earlier allows remote attackers to execute arbitrary commands via a newline character in the -a option to libexec/check_nrpe. NOTE: this issue is disputed by multiple parties. It has been reported that the vendor allows newlines as "expected behavior." Also, this issue can only occur when the administrator enables the "dont_blame_nrpe" option in nrpe.conf despite the "HIGH security risk" warning within the comments.
25 CVE-2014-2528 Exec Code 2014-08-26 2014-08-27
6.8
None Remote Medium Not required Partial Partial Partial
kcleanup.cpp in KDirStat 2.7.3 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a ' (single quote) character in the directory name, a different vulnerability than CVE-2014-2527.
26 CVE-2014-2527 Exec Code 2014-08-26 2014-08-27
6.8
None Remote Medium Not required Partial Partial Partial
kcleanup.cpp in KDirStat 2.7.0 does not properly quote strings when deleting a directory, which allows remote attackers to execute arbitrary commands via a " (double quote) character in the directory name, a different vulnerability than CVE-2014-2528.
27 CVE-2014-1909 189 Exec Code Overflow Bypass 2014-05-13 2014-05-14
7.5
None Remote Low Not required Partial Partial Partial
Integer signedness error in system/core/adb/adb_client.c in Android Debug Bridge (ADB) for Android 4.4 in the Android SDK Platform Tools 18.0.1 allows ADB servers to execute arbitrary code via a negative length value, which bypasses a signed comparison and triggers a stack-based buffer overflow.
28 CVE-2014-0610 DoS Exec Code 2014-09-04 2014-09-08
10.0
None Remote Low Not required Complete Complete Complete
The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors.
29 CVE-2014-0133 119 Exec Code Overflow 2014-03-28 2015-06-03
5.1
None Remote High Not required Partial Partial Partial
Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 before 1.4.7 and 1.5.x before 1.5.12 allows remote attackers to execute arbitrary code via a crafted request.
30 CVE-2013-4852 189 DoS Exec Code Overflow 2013-08-19 2013-09-11
6.8
None Remote Medium Not required Partial Partial Partial
Integer overflow in PuTTY 0.62 and earlier, WinSCP before 5.1.6, and other products that use PuTTY allows remote SSH servers to cause a denial of service (crash) and possibly execute arbitrary code in certain applications that use PuTTY via a negative size value in an RSA key signature during the SSH handshake, which triggers a heap-based buffer overflow.
31 CVE-2013-4419 264 Exec Code 2013-11-05 2015-01-14
6.8
None Local Network High Not required Complete Complete Complete
The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.
32 CVE-2013-3567 20 Exec Code 2013-08-19 2013-10-07
7.5
None Remote Low Not required Partial Partial Partial
Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.
33 CVE-2013-2555 189 Exec Code Overflow 2013-03-11 2014-03-26
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2013.
34 CVE-2013-2174 119 DoS Exec Code Overflow 2013-07-31 2015-07-16
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow in the curl_easy_unescape function in lib/escape.c in cURL and libcurl 7.7 through 7.30.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string ending in a "%" (percent) character.
35 CVE-2013-2145 20 Exec Code Bypass 2013-08-19 2013-10-07
4.4
None Local Medium Not required Partial Partial Partial
The cpansign verify functionality in the Module::Signature module before 0.72 for Perl allows attackers to bypass the signature check and execute arbitrary code via a SIGNATURE file with a "special unknown cipher" that references an untrusted module in Digest/.
36 CVE-2013-2126 399 DoS Exec Code 2013-08-14 2013-08-14
7.5
None Remote Low Not required Partial Partial Partial
Multiple double free vulnerabilities in the LibRaw::unpack function in libraw_cxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed full-color (1) Foveon or (2) sRAW image file.
37 CVE-2013-2088 20 Exec Code 2013-07-31 2013-11-02
7.1
None Remote High Single system Complete Complete Complete
contrib/hook-scripts/svn-keyword-check.pl in Subversion before 1.6.23 allows remote authenticated users with commit permissions to execute arbitrary commands via shell metacharacters in a filename.
38 CVE-2013-1927 Exec Code 2013-04-29 2013-08-22
6.8
None Remote Medium Not required Partial Partial Partial
The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remote attackers to execute arbitrary code via a crafted file that validates as both a GIF and a Java JAR file, aka "GIFAR."
39 CVE-2013-1872 119 DoS Exec Code Overflow 2013-08-19 2013-08-20
6.8
None Remote Medium Not required Partial Partial Partial
The Intel drivers in Mesa 8.0.x and 9.0.x allow context-dependent attackers to cause a denial of service (reachable assertion and crash) and possibly execute arbitrary code via vectors involving 3d graphics that trigger an out-of-bounds array access, related to the fs_visitor::remove_dead_constants function. NOTE: this issue might be related to CVE-2013-0796.
40 CVE-2013-1362 20 1 Exec Code 2013-07-09 2013-12-13
7.5
None Remote Low Not required Partial Partial Partial
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.
41 CVE-2013-1091 119 Exec Code Overflow 2013-05-02 2015-05-13
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Novell iPrint Client before 5.90 allows remote attackers to execute arbitrary code via unspecified vectors.
42 CVE-2013-1085 119 Exec Code Overflow 2013-03-29 2013-03-29
9.3
None Remote Medium Not required Complete Complete Complete
Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter.
43 CVE-2013-0804 78 DoS Exec Code 2013-02-23 2013-02-25
10.0
None Remote Low Not required Complete Complete Complete
The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via unspecified vectors.
44 CVE-2013-0170 399 DoS Exec Code 2013-02-08 2015-01-14
9.3
None Remote Medium Not required Complete Complete Complete
Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.
45 CVE-2012-4956 119 Exec Code Overflow 2012-11-18 2013-05-02
10.0
None Remote Low Not required Complete Complete Complete
Heap-based buffer overflow in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to execute arbitrary code via a large number of VOL elements in an SRS record.
46 CVE-2012-1095 264 Exec Code 2014-02-06 2014-02-07
4.3
None Remote Medium Not required None Partial None
osc before 0.134 might allow remote OBS repository servers or package maintainers to execute arbitrary commands via a crafted (1) build log or (2) build status that contains an escape sequence for a terminal emulator.
47 CVE-2012-0439 94 Exec Code 2013-02-23 2013-02-25
9.3
None Remote Medium Not required Complete Complete Complete
An ActiveX control in gwcls1.dll in the client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code via (1) a pointer argument to the SetEngine method or (2) an XPItem pointer argument to an unspecified method.
48 CVE-2012-0418 Exec Code 2012-09-28 2013-02-13
9.3
None Remote Medium Not required Complete Complete Complete
Unspecified vulnerability in the client in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 on Windows allows user-assisted remote attackers to execute arbitrary code via a crafted file.
49 CVE-2012-0417 189 Exec Code Overflow 2012-09-28 2013-02-13
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to execute arbitrary code via unspecified vectors.
50 CVE-2012-0411 Exec Code 2012-12-24 2013-01-08
10.0
None Remote Low Not required Complete Complete Complete
Unspecified vulnerability in Novell iPrint Client before 5.82 allows remote attackers to execute arbitrary code via an op-client-interface-version action.
Total number of vulnerabilities : 199   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.