Search Results (676 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2002-0929 1 Novell 1 Netware 2026-04-16 N/A
Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests.
CVE-2002-1552 1 Novell 1 Edirectory 2026-04-16 N/A
Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager.
CVE-2004-2298 1 Novell 2 Internet Messaging System, Netmail 2026-04-16 N/A
Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.
CVE-2006-2327 1 Novell 1 Netware 2026-04-16 N/A
Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function.
CVE-2003-0562 1 Novell 1 Netware 2026-04-16 N/A
Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string.
CVE-2006-3430 2 Lumension, Novell 2 Patchlink Update Server, Zenworks 2026-04-16 N/A
SQL injection vulnerability in checkprofile.asp in (1) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (2) Novell ZENworks 6.2 SR1 and earlier, allows remote attackers to execute arbitrary SQL commands via the agentid parameter.
CVE-2005-2852 1 Novell 1 Netware 2026-04-16 N/A
Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm.
CVE-2002-0791 1 Novell 1 Netware 2026-04-16 N/A
Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.
CVE-2002-0530 1 Novell 1 Web Search 2026-04-16 N/A
Cross-site scripting vulnerability in Novell Web Search 2.0.1 allows remote attackers to execute arbitrary script as other Web Search users via the search parameter.
CVE-1999-0265 2 Microware, Novell 2 Os-9, Netware 2026-04-16 N/A
ICMP redirect messages may crash or lock up a host.
CVE-2002-1002 1 Novell 1 Emframe 2026-04-16 N/A
Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote attackers to cause a denial of service (crash) via a long user name.
CVE-2006-0997 1 Novell 2 Netware, Open Enterprise Server 2026-04-16 N/A
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic.
CVE-2006-0998 1 Novell 2 Netware, Open Enterprise Server 2026-04-16 N/A
The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session.
CVE-1999-1307 1 Novell 1 Unixware 2026-04-16 N/A
Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges.
CVE-1999-1006 1 Novell 1 Groupwise 2026-04-16 N/A
Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter.
CVE-2000-0257 1 Novell 1 Netware 2026-04-16 N/A
Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL.
CVE-2006-3425 2 Lumension, Novell 2 Patchlink Update Server, Zenworks 2026-04-16 N/A
FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1, and (b) Novell ZENworks 6.2 SR1 and earlier, does not require authentication for dagent/proxyreg.asp, which allows remote attackers to list, add, or delete PatchLink Distribution Point (PDP) proxy servers via modified (1) List, (2) Proxy, or (3) Delete parameters.
CVE-2006-3817 1 Novell 1 Groupwise Webaccess 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Novell GroupWise WebAccess 6.5 and 7 before 20060727 allows remote attackers to inject arbitrary web script or HTML via an encoded SCRIPT element in an e-mail message with the UTF-7 character set, as demonstrated by the "+ADw-SCRIPT+AD4-" sequence.
CVE-2005-2276 1 Novell 1 Groupwise Webaccess 2026-04-16 N/A
Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. "j&#X41vascript" in an IMG tag.
CVE-2006-4186 1 Novell 1 Edirectory 2026-04-16 N/A
The iManager in eMBoxClient.jar in Novell eDirectory 8.7.3.8 writes passwords in plaintext to a log file, which allows local users to obtain passwords by reading the file.