MidnightBSD

Advisories for novell

CVE-1999-0175 MEDIUM

The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell web_server 1.0
CVE-1999-0265 MEDIUM

ICMP redirect messages may crash or lock up a host.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
microware os-9 *
novell netware 3.12
CVE-1999-0470 MEDIUM

A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 4.0
CVE-1999-0524 LOW

ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,NVD-CWE-noinfo,CWE-200,

Products Affected

Vendor Product Version
hp tru64 -
hp hp-ux -
ibm os2 -
microsoft windows -
windriver bsdos -
apple macos -
novell netware -
cisco ios -
sco sco_unix -
sgi irix -
oracle solaris -
apple mac_os_x -
ibm aix -
linux linux_kernel -
CVE-1999-0805 MEDIUM

Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware *
CVE-1999-0929 MEDIUM

Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 4.1
novell http_server 2.51r1
novell netware 4.11
novell http_server 3.1r1
CVE-1999-1005 MEDIUM

Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
netscape enterprise_server 3.0.7a
novell groupwise 5.5
novell groupwise 5.2
CVE-1999-1006 MEDIUM

Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 5.5
novell groupwise 5.2
CVE-1999-1020 HIGH

The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 4.1
novell netware 4.11
CVE-1999-1081 MEDIUM

Vulnerability in files.pl script in Novell WebServer Examples Toolkit 2 allows remote attackers to read arbitrary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell web_server 2.0
CVE-1999-1086 HIGH

Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator privileges by spoofing the MAC address in IPC fragmented packets that make NetWare Core Protocol (NCP) calls.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 4.1
novell netware 4.11
novell netware *
CVE-1999-1215 MEDIUM

LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local users to gain privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 4.0
novell netware 4.01
CVE-1999-1307 HIGH

Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell unixware 1.1
CVE-1999-1320 MEDIUM

Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware *
CVE-1999-1382 HIGH

NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to gain root privileges by creating a setuid program and setting it to "Read Only," which NetWare-NFS changes to a setuid root program.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware *
CVE-2000-0146 MEDIUM

The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 5.5
CVE-2000-0152 MEDIUM

Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key in a telnet connection to port 2000.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell bordermanager 3.5
novell bordermanager 3.0
CVE-2000-0257 HIGH

Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
CVE-2000-0591 MEDIUM

Novell BorderManager 3.0 and 3.5 allows remote attackers to bypass URL filtering by encoding characters in the requested URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell bordermanager 3.5
novell bordermanager 3.0
CVE-2000-0600 HIGH

Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 5.0
netscape enterprise_server 4.1.1
netscape enterprise_server 5.0
CVE-2000-0651 HIGH

The ClientTrust program in Novell BorderManager does not properly verify the origin of authentication requests, which could allow remote attackers to impersonate another user by replaying the authentication requests and responses from port 3024 of the victim's machine.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell bordermanager 3.5
novell bordermanager 3.0
CVE-2000-0669 MEDIUM

Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.0
CVE-2000-0793 HIGH

Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell client 3.1
symantec norton_antivirus 5.0
CVE-2000-1245 HIGH

Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware_ftp_server *
CVE-2000-1246 LOW

NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command.

CVSS 2.0

Severity: LOW

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware_ftp_server *
CVE-2001-0355 MEDIUM

Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbitrary files via an implementation error in Groupwise system policies.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 5.5
CVE-2001-0486 MEDIUM

Remote attackers can cause a denial of service in Novell BorderManager 3.6 and earlier by sending TCP SYN flood to port 353.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell bordermanager *
CVE-2001-1195 HIGH

Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 5.5
novell groupwise 6.0
CVE-2001-1231 MEDIUM

GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 5.5
novell groupwise 6.0
CVE-2001-1232 MEDIUM

GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get".

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 5.5
CVE-2001-1233 MEDIUM

Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to enumerate user names, group names and other system information by accessing ndsobj.nlm.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell groupwise_webaccess 5.5
CVE-2001-1458 MEDIUM

Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 5.5
novell groupwise 6.0
CVE-2001-1580 MEDIUM

Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
nombas scriptease_webserver 4.30b
nombas scriptease_webserver 4.30d
CVE-2001-1587 MEDIUM

NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell netware *
CVE-2002-0303 MEDIUM

GroupWise 6, when using LDAP authentication and when Post Office has a blank username and password, allows attackers to gain privileges of other users by logging in without a password.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 6.0
CVE-2002-0341 MEDIUM

GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 5.5
CVE-2002-0530 MEDIUM

Cross-site scripting vulnerability in Novell Web Search 2.0.1 allows remote attackers to execute arbitrary script as other Web Search users via the search parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell web_search 2.0.1
CVE-2002-0779 MEDIUM

FTP proxy server for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service (network connectivity loss) via a connection to port 21 with a large amount of random data.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell bordermanager 3.6
CVE-2002-0780 MEDIUM

IP/IPX gateway for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a connection to port 8225 with a large amount of random data, which causes ipipxgw.nlm to ABEND.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell bordermanager 3.6
CVE-2002-0781 MEDIUM

RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a GET request to port 9090 followed by a series of carriage returns, which causes proxy.nlm to ABEND.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell bordermanager 3.6
CVE-2002-0782 MEDIUM

Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled allows remote attackers to cause a denial of service by filling the connection table with a large number of connection requests to hosts that do not have a specific route, which may be forwarded to the public interface.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell bordermanager 3.5
CVE-2002-0791 MEDIUM

Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.0
CVE-2002-0929 MEDIUM

Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 6.0
CVE-2002-0930 MEDIUM

Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 6.0
CVE-2002-0996 HIGH

Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netmail_xe 3.1
novell netmail 3.1
novell netmail 3.0.3a
CVE-2002-0997 MEDIUM

Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netmail_xe 3.1
novell netmail 3.1
novell netmail 3.0.3a
CVE-2002-1002 MEDIUM

Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote attackers to cause a denial of service (crash) via a long user name.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell emframe 1.2.1
CVE-2002-1088 HIGH

Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote attackers to execute arbitrary code via a long RCPT TO command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 6.0
novell groupwise 6.0.1
CVE-2002-1283 MEDIUM

Buffer overflow in Novell iManager (eMFrame) before 1.5 allows remote attackers to cause a denial of service via an authentication request with a long Distinguished Name (DN) attribute.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell emframe 1.2.1
CVE-2002-1413 HIGH

RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" (SSL) option during a connection.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 6.0
CVE-2002-1417 MEDIUM

Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell small_business_suite 6.0
novell small_business_suite 5.1
novell netware 6.0
CVE-2002-1418 MEDIUM

Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell small_business_suite 6.0
novell small_business_suite 5.1
novell netware 6.0
CVE-2002-1436 HIGH

The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST request.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.0
CVE-2002-1437 MEDIUM

Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read arbitrary files via an HTTP request containing "..%5c" (URL-encoded dot-dot backslash) sequences.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.0
CVE-2002-1438 MEDIUM

The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v option.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.0
CVE-2002-1552 HIGH

Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell edirectory 85.24
novell edirectory 85.20
novell edirectory 8.6.2
novell edirectory 85.30
CVE-2002-1634 MEDIUM

Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2) allfield.jse, (3) websinfo.bas, (4) ndslogin.pl, (5) volscgi.pl, (6) lancgi.pl, (7) test.jse, or (8) env.pl.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 5.0
CVE-2002-1754 LOW

Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware_client 4.80
novell netware_client 4.82
novell netware_client 4.83
novell netware_client 4.81
CVE-2002-1772 MEDIUM

Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS) account, and executing "net use" on an NDS_ADM account that is not in the NT domain but has domain access rights, which allows the user to enter a null password.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 5.0
CVE-2002-2083 LOW

The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?" help feature, which can be launched from the Novell Netware login screen.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware *
CVE-2002-2096 HIGH

Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long (1) username or (2) password.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.0
CVE-2002-2119 HIGH

Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-178,

Products Affected

Vendor Product Version
novell edirectory 8.6.2
novell edirectory 8.7
CVE-2002-2432 MEDIUM

Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell netware_ftp_server 5.02i
novell netware *
novell netware_ftp_server 5.01o
novell netware_ftp_server 5.02r
novell netware_ftp_server 5.02b
novell netware_ftp_server 5.01w
novell netware_ftp_server 5.01y
novell netware_ftp_server *
novell netware_ftp_server 5.01i
CVE-2002-2433 MEDIUM

NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell netware_ftp_server 5.02i
novell netware 5.1
novell netware 6.5
novell netware_ftp_server 5.01o
novell netware_ftp_server 5.02r
novell netware_ftp_server 5.02b
novell netware 6.0
novell netware_ftp_server 5.01w
novell netware_ftp_server 5.01y
novell netware_ftp_server *
novell netware_ftp_server 5.01i
CVE-2002-2434 MEDIUM

NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to cause a denial of service (abend) via multiple FTP sessions.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.5
novell netware_ftp_server 5.01o
novell netware 6.0
novell netware_ftp_server 5.01w
novell netware_ftp_server 5.01y
novell netware_ftp_server *
novell netware_ftp_server 5.01i
CVE-2003-0562 MEDIUM

Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.0
CVE-2003-0635 MEDIUM

Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before Support Pack 1, with unknown impact, possibly related to unauthorized access to (1) NCPIP.NLM and (2) JSTCP.NLM.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell ichain 2.2
CVE-2003-0636 HIGH

Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell ichain 2.2
CVE-2003-0637 MEDIUM

Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-203,

Products Affected

Vendor Product Version
novell ichain 2.2
CVE-2003-0638 HIGH

Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a denial of service (ABEND) and possibly execute arbitrary code via (1) a long user name or (2) an unknown attack related to a "special script against login."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell ichain 2.1
CVE-2003-0639 MEDIUM

Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted or secure pages without authentication.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell ichain 2.1
CVE-2003-0976 HIGH

NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 6.5
CVE-2003-1150 HIGH

Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell zenworks_desktops 3.2
novell zenworks_desktops 4.0
novell netware 6.0
novell zenworks_desktops 4.0.1
CVE-2003-1551 HIGH

Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "malicious script."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell groupwise *
CVE-2003-1591 MEDIUM

NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of service (console hang) via a large number of FTP sessions, which are not properly handled during an NLM unload.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell netware 6.5
novell netware 6.0
CVE-2003-1592 MEDIUM

Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell netware 6.5
novell netware 6.0
novell netware_ftp_server *
CVE-2003-1593 HIGH

NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell netware 6.5
novell netware 6.0
novell netware_ftp_server *
CVE-2003-1594 HIGH

NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell netware 6.5
novell netware_ftp_server *
CVE-2003-1595 HIGH

NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell netware 6.5
novell netware_ftp_server *
CVE-2003-1596 HIGH

NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware_ftp_server 5.01o
novell netware_ftp_server 5.02r
novell netware 6.0
novell netware_ftp_server 5.01w
novell netware_ftp_server 5.01y
novell netware_ftp_server *
novell netware_ftp_server 5.02y
novell netware_ftp_server 5.02i
novell netware 6.5
novell netware_ftp_server 5.02b
novell netware_ftp_server 5.01i
CVE-2004-0079 MEDIUM

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,CWE-476,

Products Affected

Vendor Product Version
apple mac_os_x 10.3.3
checkpoint firewall-1 next_generation_fp0
tarantella tarantella_enterprise 3.40
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco webns 7.10_.0.06s
bluecoat cacheos_ca_sa 4.1.10
neoteris instant_virtual_extranet 3.0
hp aaa_server *
lite speed_technologies_litespeed_web_server 1.1
avaya vsu 100_r2.0.1
hp apache-based_web_server 2.0.43.00
cisco ios 12.2sy
checkpoint vpn-1 next_generation_fp1
vmware gsx_server 2.5.1_build_5336
openssl openssl 0.9.6d
avaya vsu 5
avaya vsu 5x
cisco pix_firewall_software 6.1(2)
lite speed_technologies_litespeed_web_server 1.2.1
checkpoint firewall-1 *
cisco pix_firewall_software 6.2(2)
cisco mds_9000 *
lite speed_technologies_litespeed_web_server 1.2_rc2
stonesoft stonegate_vpn_client 2.0.8
checkpoint provider-1 4.1
cisco gss_4490_global_site_selector *
cisco ios 12.1(11b)e14
stonesoft stonebeat_fullcluster 1_3.0
cisco call_manager *
stonesoft servercluster 2.5
lite speed_technologies_litespeed_web_server 1.3_rc2
cisco webns 7.2_0.0.03
stonesoft stonegate_vpn_client 2.0
avaya sg208 4.4
avaya intuity_audix s3210
securecomputing sidewinder 5.2.1
dell bsafe_ssl-j 3.0.1
openbsd openbsd 3.4
stonesoft stonebeat_securitycluster 2.5
securecomputing sidewinder 5.2.0.02
apple mac_os_x_server 10.3.3
novell edirectory 8.7
cisco webns 7.1_0.2.06
cisco okena_stormwatch 3.2
openssl openssl 0.9.6j
avaya intuity_audix *
stonesoft stonegate 2.0.5
redhat linux 8.0
cisco pix_firewall_software 6.1(5)
cisco webns 7.1_0.1.02
cisco pix_firewall_software 6.1
lite speed_technologies_litespeed_web_server 1.3
cisco webns 7.10
avaya s8300 r2.0.0
avaya vsu 10000_r2.0.1
avaya converged_communications_server 2.0
hp apache-based_web_server 2.0.43.04
4d webstar 5.3.1
cisco pix_firewall_software 6.2(3.100)
symantec clientless_vpn_gateway_4400 5.0
openssl openssl 0.9.7c
freebsd freebsd 4.9
neoteris instant_virtual_extranet 3.3.1
avaya sg203 4.4
4d webstar 5.2.3
cisco content_services_switch_11500 *
freebsd freebsd 4.8
bluecoat cacheos_ca_sa 4.1.12
cisco css11000_content_services_switch *
cisco ios 12.2(14)sy1
checkpoint vpn-1 next_generation_fp2
sgi propack 3.0
redhat linux 7.3
stonesoft stonegate 2.0.1
vmware gsx_server 2.5.1
cisco pix_firewall_software 6.0(4.101)
stonesoft stonebeat_securitycluster 2.0
openssl openssl 0.9.6c
stonesoft stonegate 1.7.2
avaya s8700 r2.0.1
sun crypto_accelerator_4000 1.0
cisco pix_firewall_software 6.0(1)
stonesoft stonegate 2.0.9
cisco firewall_services_module 1.1.2
cisco pix_firewall_software 6.3(1)
cisco pix_firewall_software 6.2(1)
lite speed_technologies_litespeed_web_server 1.2_rc1
4d webstar 5.2.1
stonesoft stonebeat_fullcluster 1_2.0
bluecoat proxysg *
cisco ciscoworks_common_services 2.2
stonesoft stonegate 2.1
stonesoft stonegate 2.0.7
cisco pix_firewall 6.2.2_.111
stonesoft stonebeat_webcluster 2.0
cisco ios 12.2(14)sy
lite speed_technologies_litespeed_web_server 1.2.2
avaya sg200 4.31.29
cisco webns 6.10_b4
novell edirectory 8.5
cisco ios 12.1(19)e1
hp wbem a.02.00.01
stonesoft stonegate 1.6.2
avaya sg208 *
4d webstar 4.0
stonesoft stonebeat_fullcluster 2.5
cisco pix_firewall_software 6.0(2)
cisco css_secure_content_accelerator 2.0
redhat enterprise_linux_desktop 3.0
novell edirectory 8.0
novell imanager 2.0
redhat openssl 0.9.7a-2
hp wbem a.02.00.00
openssl openssl 0.9.6i
novell edirectory 8.5.27
cisco application_and_content_networking_software *
securecomputing sidewinder 5.2
stonesoft stonegate 2.0.4
cisco gss_4480_global_site_selector *
dell bsafe_ssl-j 3.1
tarantella tarantella_enterprise 3.30
cisco ciscoworks_common_management_foundation 2.1
avaya s8300 r2.0.1
cisco ios 12.1(11b)e
openssl openssl 0.9.6g
cisco pix_firewall_software 6.3(2)
securecomputing sidewinder 5.2.0.01
avaya intuity_audix s3400
cisco threat_response *
stonesoft stonegate 1.6.3
cisco pix_firewall_software 6.1(1)
hp wbem a.01.05.08
cisco firewall_services_module 1.1.3
avaya vsu 7500_r2.0.1
cisco pix_firewall_software 6.0(3)
checkpoint firewall-1 2.0
stonesoft stonegate 2.2.4
hp hp-ux 11.00
lite speed_technologies_litespeed_web_server 1.0.2
checkpoint firewall-1 next_generation_fp1
neoteris instant_virtual_extranet 3.1
avaya vsu 500
stonesoft stonegate_vpn_client 2.0.9
lite speed_technologies_litespeed_web_server 1.3_rc1
cisco webns 6.10
cisco pix_firewall_software 6.3(3.109)
stonesoft stonebeat_webcluster 2.5
checkpoint firewall-1 next_generation_fp2
redhat openssl 0.9.6-15
lite speed_technologies_litespeed_web_server 1.3_rc3
cisco firewall_services_module *
avaya sg200 4.4
sco openserver 5.0.6
openssl openssl 0.9.6f
hp hp-ux 8.05
cisco css_secure_content_accelerator 1.0
openbsd openbsd 3.3
freebsd freebsd 5.2.1
avaya s8500 r2.0.0
openssl openssl 0.9.6k
cisco pix_firewall_software 6.1(3)
cisco pix_firewall_software 6.0
freebsd freebsd 5.2
lite speed_technologies_litespeed_web_server 1.0.3
securecomputing sidewinder 5.2.1.02
4d webstar 5.2.2
stonesoft stonegate 1.5.17
cisco pix_firewall_software 6.1(4)
checkpoint vpn-1 next_generation_fp0
4d webstar 5.2.4
vmware gsx_server 2.0
cisco pix_firewall_software 6.3(3.102)
cisco ios 12.1(13)e9
stonesoft stonebeat_fullcluster 2.0
lite speed_technologies_litespeed_web_server 1.3.1
securecomputing sidewinder 5.2.0.03
novell edirectory 8.6.2
hp hp-ux 11.23
openssl openssl 0.9.7b
avaya s8500 r2.0.1
stonesoft servercluster 2.5.2
cisco ios 12.1(11)e
hp hp-ux 11.11
cisco secure_content_accelerator 10000
avaya vsu 2000_r2.0.1
stonesoft stonegate_vpn_client 1.7.2
redhat enterprise_linux 3.0
sco openserver 5.0.7
sgi propack 2.3
stonesoft stonegate 1.7.1
stonesoft stonegate 1.5.18
openssl openssl 0.9.7a
cisco pix_firewall_software 6.0(4)
tarantella tarantella_enterprise 3.20
stonesoft stonegate 2.2
novell imanager 1.5
avaya s8700 r2.0.0
avaya sg5 4.4
redhat openssl 0.9.6b-3
freebsd freebsd 5.1
vmware gsx_server 3.0_build_7592
cisco firewall_services_module 1.1_(3.005)
neoteris instant_virtual_extranet 3.3
vmware gsx_server 2.0.1_build_2129
stonesoft stonegate 2.0.8
novell edirectory 8.5.12a
novell edirectory 8.7.1
cisco access_registrar *
cisco firewall_services_module 2.1_(0.208)
stonesoft stonebeat_fullcluster 3.0
stonesoft stonegate 2.2.1
openssl openssl 0.9.6e
4d webstar 5.3
stonesoft stonegate 1.7
cisco pix_firewall_software 6.2(3)
avaya sg5 4.2
avaya intuity_audix 5.1.46
securecomputing sidewinder 5.2.0.04
neoteris instant_virtual_extranet 3.2
dell bsafe_ssl-j 3.0
avaya sg5 4.3
cisco pix_firewall_software 6.2
lite speed_technologies_litespeed_web_server 1.1.1
sgi propack 2.4
openssl openssl 0.9.6h
stonesoft stonegate_vpn_client 1.7
redhat linux 7.2
avaya sg203 4.31.29
cisco ios 12.2za
cisco pix_firewall_software 6.3
cisco ios 12.1(11b)e12
openssl openssl 0.9.7
avaya vsu 5000_r2.0.1
lite speed_technologies_litespeed_web_server 1.0.1
stonesoft stonegate 2.0.6
stonesoft stonegate_vpn_client 2.0.7
4d webstar 5.2
CVE-2004-0081 MEDIUM

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
apple mac_os_x 10.3.3
checkpoint firewall-1 next_generation_fp0
tarantella tarantella_enterprise 3.40
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco webns 7.10_.0.06s
bluecoat cacheos_ca_sa 4.1.10
neoteris instant_virtual_extranet 3.0
hp aaa_server *
lite speed_technologies_litespeed_web_server 1.1
avaya vsu 100_r2.0.1
hp apache-based_web_server 2.0.43.00
cisco ios 12.2sy
checkpoint vpn-1 next_generation_fp1
vmware gsx_server 2.5.1_build_5336
openssl openssl 0.9.6d
avaya vsu 5
avaya vsu 5x
cisco pix_firewall_software 6.1(2)
lite speed_technologies_litespeed_web_server 1.2.1
checkpoint firewall-1 *
cisco pix_firewall_software 6.2(2)
cisco mds_9000 *
lite speed_technologies_litespeed_web_server 1.2_rc2
stonesoft stonegate_vpn_client 2.0.8
checkpoint provider-1 4.1
cisco gss_4490_global_site_selector *
cisco ios 12.1(11b)e14
stonesoft stonebeat_fullcluster 1_3.0
cisco call_manager *
stonesoft servercluster 2.5
lite speed_technologies_litespeed_web_server 1.3_rc2
cisco webns 7.2_0.0.03
stonesoft stonegate_vpn_client 2.0
avaya sg208 4.4
avaya intuity_audix s3210
securecomputing sidewinder 5.2.1
dell bsafe_ssl-j 3.0.1
openbsd openbsd 3.4
stonesoft stonebeat_securitycluster 2.5
securecomputing sidewinder 5.2.0.02
apple mac_os_x_server 10.3.3
novell edirectory 8.7
checkpoint vpn-1 next_generation
cisco webns 7.1_0.2.06
cisco okena_stormwatch 3.2
openssl openssl 0.9.6j
avaya intuity_audix *
stonesoft stonegate 2.0.5
redhat linux 8.0
cisco pix_firewall_software 6.1(5)
cisco webns 7.1_0.1.02
cisco pix_firewall_software 6.1
lite speed_technologies_litespeed_web_server 1.3
cisco webns 7.10
avaya s8300 r2.0.0
avaya vsu 10000_r2.0.1
avaya converged_communications_server 2.0
hp apache-based_web_server 2.0.43.04
4d webstar 5.3.1
cisco pix_firewall_software 6.2(3.100)
symantec clientless_vpn_gateway_4400 5.0
openssl openssl 0.9.7c
freebsd freebsd 4.9
neoteris instant_virtual_extranet 3.3.1
avaya sg203 4.4
4d webstar 5.2.3
cisco content_services_switch_11500 *
freebsd freebsd 4.8
bluecoat cacheos_ca_sa 4.1.12
cisco css11000_content_services_switch *
cisco ios 12.2(14)sy1
sgi propack 3.0
redhat linux 7.3
stonesoft stonegate 2.0.1
vmware gsx_server 2.5.1
cisco pix_firewall_software 6.0(4.101)
stonesoft stonebeat_securitycluster 2.0
openssl openssl 0.9.6c
stonesoft stonegate 1.7.2
avaya s8700 r2.0.1
sun crypto_accelerator_4000 1.0
cisco pix_firewall_software 6.0(1)
stonesoft stonegate 2.0.9
cisco firewall_services_module 1.1.2
cisco pix_firewall_software 6.3(1)
cisco pix_firewall_software 6.2(1)
lite speed_technologies_litespeed_web_server 1.2_rc1
4d webstar 5.2.1
stonesoft stonebeat_fullcluster 1_2.0
bluecoat proxysg *
cisco ciscoworks_common_services 2.2
stonesoft stonegate 2.1
stonesoft stonegate 2.0.7
cisco pix_firewall 6.2.2_.111
stonesoft stonebeat_webcluster 2.0
cisco ios 12.2(14)sy
lite speed_technologies_litespeed_web_server 1.2.2
avaya sg200 4.31.29
cisco webns 6.10_b4
novell edirectory 8.5
cisco ios 12.1(19)e1
hp wbem a.02.00.01
stonesoft stonegate 1.6.2
avaya sg208 *
4d webstar 4.0
stonesoft stonebeat_fullcluster 2.5
cisco pix_firewall_software 6.0(2)
cisco css_secure_content_accelerator 2.0
redhat enterprise_linux_desktop 3.0
novell edirectory 8.0
novell imanager 2.0
redhat openssl 0.9.7a-2
hp wbem a.02.00.00
openssl openssl 0.9.6i
novell edirectory 8.5.27
cisco application_and_content_networking_software *
securecomputing sidewinder 5.2
stonesoft stonegate 2.0.4
cisco gss_4480_global_site_selector *
dell bsafe_ssl-j 3.1
tarantella tarantella_enterprise 3.30
cisco ciscoworks_common_management_foundation 2.1
avaya s8300 r2.0.1
cisco ios 12.1(11b)e
openssl openssl 0.9.6g
cisco pix_firewall_software 6.3(2)
securecomputing sidewinder 5.2.0.01
avaya intuity_audix s3400
cisco threat_response *
stonesoft stonegate 1.6.3
cisco pix_firewall_software 6.1(1)
hp wbem a.01.05.08
cisco firewall_services_module 1.1.3
avaya vsu 7500_r2.0.1
cisco pix_firewall_software 6.0(3)
checkpoint firewall-1 2.0
stonesoft stonegate 2.2.4
hp hp-ux 11.00
lite speed_technologies_litespeed_web_server 1.0.2
checkpoint firewall-1 next_generation_fp1
neoteris instant_virtual_extranet 3.1
avaya vsu 500
stonesoft stonegate_vpn_client 2.0.9
lite speed_technologies_litespeed_web_server 1.3_rc1
cisco webns 6.10
cisco pix_firewall_software 6.3(3.109)
stonesoft stonebeat_webcluster 2.5
checkpoint firewall-1 next_generation_fp2
redhat openssl 0.9.6-15
lite speed_technologies_litespeed_web_server 1.3_rc3
cisco firewall_services_module *
avaya sg200 4.4
sco openserver 5.0.6
openssl openssl 0.9.6f
hp hp-ux 8.05
cisco css_secure_content_accelerator 1.0
openbsd openbsd 3.3
freebsd freebsd 5.2.1
avaya s8500 r2.0.0
openssl openssl 0.9.6k
cisco pix_firewall_software 6.1(3)
cisco pix_firewall_software 6.0
freebsd freebsd 5.2
lite speed_technologies_litespeed_web_server 1.0.3
securecomputing sidewinder 5.2.1.02
4d webstar 5.2.2
stonesoft stonegate 1.5.17
cisco pix_firewall_software 6.1(4)
checkpoint vpn-1 next_generation_fp0
4d webstar 5.2.4
vmware gsx_server 2.0
cisco pix_firewall_software 6.3(3.102)
cisco ios 12.1(13)e9
stonesoft stonebeat_fullcluster 2.0
lite speed_technologies_litespeed_web_server 1.3.1
securecomputing sidewinder 5.2.0.03
novell edirectory 8.6.2
hp hp-ux 11.23
openssl openssl 0.9.7b
avaya s8500 r2.0.1
stonesoft servercluster 2.5.2
cisco ios 12.1(11)e
hp hp-ux 11.11
cisco secure_content_accelerator 10000
avaya vsu 2000_r2.0.1
stonesoft stonegate_vpn_client 1.7.2
redhat enterprise_linux 3.0
sco openserver 5.0.7
sgi propack 2.3
stonesoft stonegate 1.7.1
stonesoft stonegate 1.5.18
openssl openssl 0.9.7a
cisco pix_firewall_software 6.0(4)
tarantella tarantella_enterprise 3.20
stonesoft stonegate 2.2
novell imanager 1.5
avaya s8700 r2.0.0
avaya sg5 4.4
redhat openssl 0.9.6b-3
freebsd freebsd 5.1
vmware gsx_server 3.0_build_7592
cisco firewall_services_module 1.1_(3.005)
neoteris instant_virtual_extranet 3.3
vmware gsx_server 2.0.1_build_2129
stonesoft stonegate 2.0.8
novell edirectory 8.5.12a
novell edirectory 8.7.1
cisco access_registrar *
cisco firewall_services_module 2.1_(0.208)
stonesoft stonebeat_fullcluster 3.0
stonesoft stonegate 2.2.1
openssl openssl 0.9.6e
4d webstar 5.3
stonesoft stonegate 1.7
cisco pix_firewall_software 6.2(3)
avaya sg5 4.2
avaya intuity_audix 5.1.46
securecomputing sidewinder 5.2.0.04
neoteris instant_virtual_extranet 3.2
dell bsafe_ssl-j 3.0
avaya sg5 4.3
cisco pix_firewall_software 6.2
lite speed_technologies_litespeed_web_server 1.1.1
sgi propack 2.4
openssl openssl 0.9.6h
stonesoft stonegate_vpn_client 1.7
redhat linux 7.2
avaya sg203 4.31.29
cisco ios 12.2za
cisco pix_firewall_software 6.3
cisco ios 12.1(11b)e12
openssl openssl 0.9.7
avaya vsu 5000_r2.0.1
lite speed_technologies_litespeed_web_server 1.0.1
stonesoft stonegate 2.0.6
stonesoft stonegate_vpn_client 2.0.7
4d webstar 5.2
CVE-2004-0112 MEDIUM

The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
apple mac_os_x 10.3.3
checkpoint firewall-1 next_generation_fp0
tarantella tarantella_enterprise 3.40
checkpoint vpn-1 vsx_ng_with_application_intelligence
cisco webns 7.10_.0.06s
bluecoat cacheos_ca_sa 4.1.10
neoteris instant_virtual_extranet 3.0
hp aaa_server *
forcepoint stonegate 1.7.1
avaya vsu 100_r2.0.1
hp apache-based_web_server 2.0.43.00
cisco ios 12.2sy
checkpoint vpn-1 next_generation_fp1
vmware gsx_server 2.5.1_build_5336
openssl openssl 0.9.6d
avaya vsu 5
avaya vsu 5x
cisco pix_firewall_software 6.1(2)
checkpoint firewall-1 *
cisco pix_firewall_software 6.2(2)
cisco mds_9000 *
checkpoint provider-1 4.1
cisco gss_4490_global_site_selector *
cisco ios 12.1(11b)e14
stonesoft stonebeat_fullcluster 1_3.0
cisco call_manager *
stonesoft servercluster 2.5
cisco webns 7.2_0.0.03
avaya sg208 4.4
avaya intuity_audix s3210
securecomputing sidewinder 5.2.1
dell bsafe_ssl-j 3.0.1
openbsd openbsd 3.4
stonesoft stonebeat_securitycluster 2.5
securecomputing sidewinder 5.2.0.02
forcepoint stonegate 2.2.1
apple mac_os_x_server 10.3.3
novell edirectory 8.7
forcepoint stonegate 1.7
cisco webns 7.1_0.2.06
cisco okena_stormwatch 3.2
openssl openssl 0.9.6j
avaya intuity_audix *
forcepoint stonegate 1.6.2
redhat linux 8.0
cisco pix_firewall_software 6.1(5)
cisco webns 7.1_0.1.02
cisco pix_firewall_software 6.1
cisco webns 7.10
avaya s8300 r2.0.0
avaya vsu 10000_r2.0.1
avaya converged_communications_server 2.0
hp apache-based_web_server 2.0.43.04
4d webstar 5.3.1
cisco pix_firewall_software 6.2(3.100)
symantec clientless_vpn_gateway_4400 5.0
openssl openssl 0.9.7c
freebsd freebsd 4.9
neoteris instant_virtual_extranet 3.3.1
avaya sg203 4.4
4d webstar 5.2.3
cisco content_services_switch_11500 *
forcepoint stonegate 2.0.5
freebsd freebsd 4.8
bluecoat cacheos_ca_sa 4.1.12
cisco css11000_content_services_switch *
cisco ios 12.2(14)sy1
checkpoint vpn-1 next_generation_fp2
sgi propack 3.0
redhat linux 7.3
vmware gsx_server 2.5.1
cisco pix_firewall_software 6.0(4.101)
stonesoft stonebeat_securitycluster 2.0
openssl openssl 0.9.6c
avaya s8700 r2.0.1
sun crypto_accelerator_4000 1.0
cisco pix_firewall_software 6.0(1)
cisco firewall_services_module 1.1.2
cisco pix_firewall_software 6.3(1)
cisco pix_firewall_software 6.2(1)
4d webstar 5.2.1
stonesoft stonebeat_fullcluster 1_2.0
bluecoat proxysg *
forcepoint stonegate 1.6.3
cisco ciscoworks_common_services 2.2
forcepoint stonegate 2.0.7
cisco pix_firewall 6.2.2_.111
stonesoft stonebeat_webcluster 2.0
cisco ios 12.2(14)sy
avaya sg200 4.31.29
cisco webns 6.10_b4
novell edirectory 8.5
cisco ios 12.1(19)e1
hp wbem a.02.00.01
avaya sg208 *
4d webstar 4.0
stonesoft stonebeat_fullcluster 2.5
cisco pix_firewall_software 6.0(2)
cisco css_secure_content_accelerator 2.0
redhat enterprise_linux_desktop 3.0
novell edirectory 8.0
novell imanager 2.0
redhat openssl 0.9.7a-2
hp wbem a.02.00.00
openssl openssl 0.9.6i
novell edirectory 8.5.27
cisco application_and_content_networking_software *
securecomputing sidewinder 5.2
cisco gss_4480_global_site_selector *
dell bsafe_ssl-j 3.1
tarantella tarantella_enterprise 3.30
cisco ciscoworks_common_management_foundation 2.1
avaya s8300 r2.0.1
cisco ios 12.1(11b)e
openssl openssl 0.9.6g
forcepoint stonegate 1.5.17
cisco pix_firewall_software 6.3(2)
securecomputing sidewinder 5.2.0.01
avaya intuity_audix s3400
cisco threat_response *
cisco pix_firewall_software 6.1(1)
hp wbem a.01.05.08
cisco firewall_services_module 1.1.3
avaya vsu 7500_r2.0.1
cisco pix_firewall_software 6.0(3)
checkpoint firewall-1 2.0
hp hp-ux 11.00
litespeedtech litespeed_web_server 1.0.1
checkpoint firewall-1 next_generation_fp1
neoteris instant_virtual_extranet 3.1
forcepoint stonegate 2.0.1
avaya vsu 500
cisco webns 6.10
cisco pix_firewall_software 6.3(3.109)
stonesoft stonebeat_webcluster 2.5
checkpoint firewall-1 next_generation_fp2
redhat openssl 0.9.6-15
cisco firewall_services_module *
avaya sg200 4.4
sco openserver 5.0.6
openssl openssl 0.9.6f
hp hp-ux 8.05
cisco css_secure_content_accelerator 1.0
openbsd openbsd 3.3
freebsd freebsd 5.2.1
avaya s8500 r2.0.0
openssl openssl 0.9.6k
forcepoint stonegate 2.2.4
cisco pix_firewall_software 6.1(3)
cisco pix_firewall_software 6.0
freebsd freebsd 5.2
securecomputing sidewinder 5.2.1.02
forcepoint stonegate 2.0.6
4d webstar 5.2.2
cisco pix_firewall_software 6.1(4)
checkpoint vpn-1 next_generation_fp0
4d webstar 5.2.4
vmware gsx_server 2.0
cisco pix_firewall_software 6.3(3.102)
cisco ios 12.1(13)e9
stonesoft stonebeat_fullcluster 2.0
securecomputing sidewinder 5.2.0.03
novell edirectory 8.6.2
hp hp-ux 11.23
openssl openssl 0.9.7b
avaya s8500 r2.0.1
stonesoft servercluster 2.5.2
forcepoint stonegate 2.0.8
cisco ios 12.1(11)e
hp hp-ux 11.11
cisco secure_content_accelerator 10000
avaya vsu 2000_r2.0.1
redhat enterprise_linux 3.0
sco openserver 5.0.7
sgi propack 2.3
openssl openssl 0.9.7a
cisco pix_firewall_software 6.0(4)
tarantella tarantella_enterprise 3.20
novell imanager 1.5
forcepoint stonegate 2.0.9
avaya s8700 r2.0.0
forcepoint stonegate 1.5.18
avaya sg5 4.4
redhat openssl 0.9.6b-3
freebsd freebsd 5.1
vmware gsx_server 3.0_build_7592
cisco firewall_services_module 1.1_(3.005)
neoteris instant_virtual_extranet 3.3
vmware gsx_server 2.0.1_build_2129
novell edirectory 8.5.12a
forcepoint stonegate 2.0.4
novell edirectory 8.7.1
cisco access_registrar *
cisco firewall_services_module 2.1_(0.208)
stonesoft stonebeat_fullcluster 3.0
openssl openssl 0.9.6e
4d webstar 5.3
cisco pix_firewall_software 6.2(3)
avaya sg5 4.2
avaya intuity_audix 5.1.46
securecomputing sidewinder 5.2.0.04
forcepoint stonegate 2.2
neoteris instant_virtual_extranet 3.2
forcepoint stonegate 2.1
dell bsafe_ssl-j 3.0
avaya sg5 4.3
cisco pix_firewall_software 6.2
sgi propack 2.4
forcepoint stonegate 1.7.2
openssl openssl 0.9.6h
redhat linux 7.2
avaya sg203 4.31.29
cisco ios 12.2za
cisco pix_firewall_software 6.3
cisco ios 12.1(11b)e12
openssl openssl 0.9.7
avaya vsu 5000_r2.0.1
4d webstar 5.2
CVE-2004-1457 MEDIUM

The Virtual Private Network (VPN) capability in Novell Bordermanager 3.8 allows remote attackers to cause a denial of service (ABEND in IKE.NLM) via a malformed IKE packet, as sent by the Striker ISAKMP Protocol Test Suite.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell bordermanager 3.8
CVE-2004-2103 MEDIUM

Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary script or HTML as other users via (1) a malformed request for a Perl program with script in the filename, (2) the User.id parameter to the webacc servlet, (3) the GWAP.version parameter to webacc, or (4) a URL request for a .bas file with script in the filename.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.0
CVE-2004-2104 MEDIUM

Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP address, via a direct request to (1) snoop.jsp, (2) SnoopServlet, (3) env.bas, or (4) lcgitest.nlm.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.0
CVE-2004-2105 MEDIUM

The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full pathname in the error parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.0
CVE-2004-2106 MEDIUM

Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2) /com/novell/, (3) /com/novell/webaccess, or (4) /ns-icons/.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.0
CVE-2004-2298 MEDIUM

Novell Internet Messaging System (NIMS) 2.6 and 3.0, and NetMail 3.1 and 3.5, is installed with a default NMAP authentication credential, which allows remote attackers to read and write mail store data if the administrator does not change the credential by using the NMAP Credential Generator.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell internet_messaging_system 3.0
novell netmail 3.5
novell netmail 3.1
novell internet_messaging_system 2.6
CVE-2004-2314 HIGH

The Telnet listener for Novell iChain Server before 2.2 Field Patch 3b 2.2.116 does not have a password by default, which allows remote attackers to gain access.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell ichain *
CVE-2004-2414 LOW

Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 6.5
CVE-2004-2554 HIGH

Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell client_firewall 2.0
CVE-2004-2579 HIGH

ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack vector involving a string that contains escape sequences represented with "overlong UTF-8 encoding."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell ichain 2.3
CVE-2004-2580 MEDIUM

Cross-site scripting (XSS) vulnerability in Novell iChain 2.3 allows remote attackers to obtain login credentials via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell ichain 2.3
CVE-2004-2581 MEDIUM

Novell iChain 2.3 allows attackers to cause a denial of service via a URL with a "specific string."

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell ichain 2.3
CVE-2004-2582 MEDIUM

Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell ichain 2.3
CVE-2004-2734 HIGH

webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
novell netware 6.5
CVE-2004-2757 MEDIUM

Cross-site scripting (XSS) vulnerability in the failed login page in Novell iChain before 2.2 build 2.2.113 and 2.3 First Customer Ship (FCS) allows remote attackers to inject arbitrary web script or HTML via url parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell ichain *
CVE-2004-2767 MEDIUM

NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establishing many FTP sessions that persist for the lifetime of a DS session.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell netware *
novell netware_ftp_server *
CVE-2005-0296 MEDIUM

NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise_webaccess 6.0
novell groupwise_webaccess 6.5
novell groupwise 6.5
novell groupwise 6.0
CVE-2005-0744 HIGH

The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers to hijack sessions and gain administrator privileges by (1) sniffing the connection on TCP port 51100 and replaying the authentication information or (2) obtaining and replaying the PCZQX02 authentication cookie from the browser.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell ichain 2.3
novell ichain 2.2
CVE-2005-0746 MEDIUM

The Mini FTP server in Novell iChain 2.2 and 2.3 SP2 and earlier allows remote unauthenticated attackers to obtain the full path of the server via the PWD command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell ichain 2.3
novell ichain 2.2.113
novell ichain 2.2
CVE-2005-0798 HIGH

Novell iChain Mini FTP Server 2.3, and possibly earlier versions, does not limit the number of incorrect logins, which makes it easier for remote attackers to conduct brute force login attacks.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell ichain 2.3
novell ichain 2.2.113
novell ichain 2.2
CVE-2005-0819 MEDIUM

The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 6.5
CVE-2005-1040 HIGH

Multiple unknown vulnerabilities in netapplet in Novell Linux Desktop 9 allow local users to gain root privileges, related to "User input [being] passed to network scripts without verification."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell linux_desktop 9
CVE-2005-1060 MEDIUM

Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of service (ABEND by Page Fault Processor Exception) via certain packets.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 6.5
novell netware 6.0
CVE-2005-1065 LOW

tetex in Novell Linux Desktop 9 allows local users to determine the existence of arbitrary files via a symlink attack in the /var/cache/fonts directory.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell linux_desktop 9
CVE-2005-1247 MEDIUM

webadmin.exe in Novell Nsure Audit 1.0.1 allows remote attackers to cause a denial of service via malformed ASN.1 packets in corrupt client certificates to an SSL server, as demonstrated using an exploit for the OpenSSL ASN.1 parsing vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell nsure_audit 1.0.1
CVE-2005-1543 HIGH

Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell zenworks_remote_management *
novell zenworks_desktops 3.2
novell zenworks 6.5
novell zenworks_desktops 4.0
novell zenworks_servers 3.2
novell zenworks_desktops 4.0.1
novell zenworks_server_management 6.5
CVE-2005-1729 MEDIUM

Novell eDirectory 8.7.3 allows remote attackers to cause a denial of service (application crash) via a URL containing an MS-DOS device name such as AUX, CON, PRN, COM1, or LPT1.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell edirectory 8.7.3
CVE-2005-1730 HIGH

Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap CVE-2004-0079, CVE-2004-0081, or CVE-2004-0112.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell imanager *
CVE-2005-1756 MEDIUM

Cross-site scripting (XSS) vulnerability in the ModWeb agent for Novell NetMail 3.52 before 3.52C allows remote attackers to inject arbitrary web script or HTML via calendar display fields.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netmail 3.10
novell netmail 3.5.2
novell netmail 3.1
novell netmail 3.0.3a
CVE-2005-1757 HIGH

Buffer overflow in the Modweb agent for Novell NetMail 3.52 before 3.52C, when renaming folders, may allow attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netmail 3.10
novell netmail 3.5.2
novell netmail 3.1
novell netmail 3.0.3a
CVE-2005-1758 HIGH

Buffer overflow in the IMAP command continuation function in Novell NetMail 3.52 before 3.52C may allow remote attackers to execute arbitrary code.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netmail 3.10
novell netmail 3.5.2
novell netmail 3.1
novell netmail 3.0.3a
CVE-2005-1761 LOW

Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the restore_sigcontext function.

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
suse suse_linux 9.0
suse suse_linux 9.3
suse suse_linux 9.2
suse suse_linux 8
novell open_enterprise_server 9
suse suse_linux 1.0
suse suse_linux 9.1
novell linux_desktop 9
CVE-2005-1763 HIGH

Buffer overflow in ptrace in the Linux Kernel for 64-bit architectures allows local users to write bytes into kernel memory.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
suse suse_linux 8
suse suse_linux 1.0
novell linux_desktop 9
CVE-2005-1767 LOW

traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial of service (oops and stack fault exception).

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
suse suse_linux 9.3
suse suse_linux 9.2
suse suse_linux 8
novell open_enterprise_server 9
suse suse_linux 1.0
suse suse_linux 9.1
novell linux_desktop 9
CVE-2005-1976 LOW

Novell NetMail 3.5.2a, 3.5.2b, and 3.5.2c, when running on Linux, sets the owner and group ID to 500 for certain files, which could allow users or groups with that ID to execute arbitrary code or cause a denial of service by modifying those files.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netmail 3.5.2
CVE-2005-2176 MEDIUM

Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netmail 3.10
novell netmail 3.0.1
novell netmail 3.5.2
novell netmail 3.1
novell netmail 3.0.3a
CVE-2005-2276 MEDIUM

Cross-site scripting (XSS) vulnerability in Novell Groupwise WebAccess 6.5 before July 11, 2005 allows remote attackers to inject arbitrary web script or HTML via an e-mail message with an encoded javascript URI (e.g. "j&#X41vascript" in an IMG tag.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise_webaccess 6.0
novell groupwise_webaccess 6.5
CVE-2005-2346 HIGH

Buffer overflow in Novell GroupWise 6.5 Client allows remote attackers to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 6.5
CVE-2005-2469 MEDIUM

Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C and possibly earlier versions allows local users to execute arbitrary code via a long user name in the USER command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netmail 3.5.2
CVE-2005-2551 HIGH

Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 on Windows allows attackers to cause a denial of service (crash) and obtain access to files via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell edirectory 8.7.3
CVE-2005-2620 MEDIUM

grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the password in plaintext in memory, which allows attackers to obtain the password using a debugger or another mechanism to read process memory.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 6.5.2
novell groupwise 6.5
novell groupwise 6.0
CVE-2005-2804 MEDIUM

Integer overflow in the registry parsing code in GroupWise 6.5.3, and possibly earlier version, allows remote attackers to cause a denial of service (application crash) via a large TCP/IP port in the Windows registry key.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise 6.5.3
CVE-2005-2852 MEDIUM

Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service (ABEND) via an incorrect password length, as exploited by the "worm.rbot.ccc" worm.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.5
novell netware 6.0
CVE-2005-3314 HIGH

Stack-based buffer overflow in the IMAP daemon in Novell Netmail 3.5.2 allows remote attackers to execute arbitrary code via "long verb arguments."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell netmail 3.5.2
CVE-2005-3315 HIGH

Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilter, and (4) computerFilter parameters to reports/default.asp.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell zenworks_patch_management_server 6.0.0.52
CVE-2005-3321 MEDIUM

chkstat in SuSE Linux 9.0 through 10.0 allows local users to modify permissions of files by creating a hardlink to a file from a world-writable directory, which can cause the link count to drop to 1 when the file is deleted or replaced, which is then modified by chkstat to use weaker permissions.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.0
suse suse_linux 9.3
suse suse_linux 9.2
suse suse_linux 9.1
novell suse_linux 10.0
CVE-2005-3655 HIGH

Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows remote attackers to execute arbitrary code via an HTTP POST request with a negative Content-Length parameter.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell open_enterprise_server 9
CVE-2005-3786 MEDIUM

Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZENworks 6.5 Desktop Management does not restrict access to Remote Diagnostics, which allows local users to bypass security policies by using Console One.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell zenworks 6.5
novell zenworks_servers 3.0.2
novell zenworks_desktops 4.0.1
CVE-2005-4790 MEDIUM

Multiple untrusted search path vulnerabilities in SUSE Linux 9.3 and 10.0, and possibly other distributions, cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) beagle, (2) tomboy, or (3) blam. NOTE: in August 2007, the tomboy vector was reported for other distributions.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.3
novell suse_linux 10.0
CVE-2005-4791 LOW

Multiple untrusted search path vulnerabilities in SUSE Linux 10.0 cause the working directory to be added to LD_LIBRARY_PATH, which might allow local users to execute arbitrary code via (1) liferea or (2) banshee.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux 10.0
CVE-2005-4887 HIGH

NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell netware_ftp_server 5.01o
novell netware_ftp_server 5.02r
novell netware_ftp_server 5.01w
novell netware_ftp_server 5.04.25
novell netware_ftp_server 5.01y
novell netware_ftp_server *
novell netware_ftp_server 5.02y
novell netware_ftp_server 5.05
novell netware_ftp_server 5.02i
novell netware_ftp_server 5.05.04
novell netware 6.5
novell netware_ftp_server 5.03b
novell netware_ftp_server 5.03l
novell netware_ftp_server 5.04.5
novell netware_ftp_server 5.04.20
novell netware_ftp_server 5.02b
novell netware_ftp_server 5.04.8
CVE-2005-4888 MEDIUM

NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in the Not-Logged-In state after each session is completed.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware *
novell netware_ftp_server *
CVE-2006-0736 HIGH

Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell open_enterprise_server 1
novell linux_desktop 9
CVE-2006-0803 MEDIUM

The signature verification functionality in the YaST Online Update (YOU) script handling relies on a gpg feature that is not intended for signature verification, which prevents YOU from detecting malicious scripts or code that do not pass the signature check when gpg 1.4.x is being used.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
suse suse_linux 9.3
novell suse_linux 10.0
CVE-2006-0992 HIGH

Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. NOTE: due to a typo, the original ZDI advisory accidentally referenced CVE-2006-0092. This is the correct identifier.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise_messenger 2.0
CVE-2006-0997 MEDIUM

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell open_enterprise_server *
novell netware 6.5
CVE-2006-0998 MEDIUM

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell open_enterprise_server *
novell netware 6.5
CVE-2006-0999 MEDIUM

The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server to use weak encryption by stating that a weak cipher is required for client compatibility, which might allow remote attackers to decrypt contents of an SSL protected session.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell open_enterprise_server *
novell netware 6.5
CVE-2006-1218 MEDIUM

Unspecified vulnerability in the HTTP proxy in Novell BorderManager 3.8 and earlier allows remote attackers to cause a denial of service (CPU consumption and ABEND) via unknown attack vectors related to "media streaming over HTTP 1.1".

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell bordermanager 3.8
CVE-2006-1322 MEDIUM

Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for the target file, possibly due to a buffer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 6.5
novell netware_ftp_server 5.07
novell netware_ftp_server *
CVE-2006-2185 MEDIUM

PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod function fails, which allows context-dependent attackers to gain privileges.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell netware 6.5
CVE-2006-2304 HIGH

Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. NOTE: this was originally reported to be a buffer overflow by Novell, but the original cause is an integer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell client 4.90
novell client 4.83
novell client 4.91
CVE-2006-2327 MEDIUM

Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare 6.5 SP3, SP4, and SP5 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
novell netware 6.5
CVE-2006-2496 HIGH

Buffer overflow in iMonitor 2.4 in Novell eDirectory 8.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via unknown attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell edirectory 8.8
novell imonitor 2.4
CVE-2006-2612 LOW

Novell Client for Windows 4.8 and 4.9 does not restrict access to the clipboard contents while a machine is locked, which allows users with physical access to read the current clipboard contents by pasting them into the "User Name" field on the login prompt.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell client 4.8
novell client 4.9
CVE-2006-3268 MEDIUM

Unspecified vulnerability in the Windows Client API in Novell GroupWise 5.x through 7 might allow users to obtain "random programmatic access" to other email within the same post office.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 6.5.2
novell groupwise 6.5.3
novell groupwise 6.5.4
novell groupwise 5.5
novell groupwise 7.0
novell groupwise 6.5
novell groupwise 6.0
novell groupwise 5.2
CVE-2006-3425 HIGH

FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1, and (b) Novell ZENworks 6.2 SR1 and earlier, does not require authentication for dagent/proxyreg.asp, which allows remote attackers to list, add, or delete PatchLink Distribution Point (PDP) proxy servers via modified (1) List, (2) Proxy, or (3) Delete parameters.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell zenworks *
lumension patchlink_update_server 6.2.0.189
lumension patchlink_update_server 6.1
lumension patchlink_update_server 6.2.0.181
CVE-2006-3426 MEDIUM

Directory traversal vulnerability in (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (b) Novell ZENworks 6.2 SR1 and earlier allows remote attackers to overwrite arbitrary files and directories via a .. (dot dot) sequence in the (1) action, (2) agentid, or (3) index parameters to dagent/nwupload.asp, which are used as pathname components.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell zenworks *
lumension patchlink_update_server 6.2.0.189
lumension patchlink_update_server 6.1
lumension patchlink_update_server 6.2.0.181
CVE-2006-3430 HIGH

SQL injection vulnerability in checkprofile.asp in (1) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (2) Novell ZENworks 6.2 SR1 and earlier, allows remote attackers to execute arbitrary SQL commands via the agentid parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
novell zenworks *
lumension patchlink_update_server 6.2.0.189
lumension patchlink_update_server 6.1
lumension patchlink_update_server 6.2.0.181
CVE-2006-3697 HIGH

Agnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the "open folder" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the "Save Configuration As" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
lavasoft lavasoft_personal_firewall 1.0.543.5722.433
novell client_firewall 2.0
agnitum outpost_firewall 3.51.759.6511
CVE-2007-1285 MEDIUM

The Zend Engine in PHP 4.x before 4.4.7, and 5.x before 5.2.2, allows remote attackers to cause a denial of service (stack exhaustion and PHP crash) via deeply nested arrays, which trigger deep recursion in the variable destruction routines.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-674,

Products Affected

Vendor Product Version
redhat enterprise_linux_server 4.0
novell suse_linux 10.1
redhat enterprise_linux_workstation 4.0
redhat enterprise_linux_server 3.0
redhat enterprise_linux_server 2.0
php php *
suse linux_enterprise_server 8
redhat enterprise_linux_desktop 3.0
canonical ubuntu_linux 7.10
suse linux_enterprise_server 10
redhat enterprise_linux_desktop 4.0
redhat enterprise_linux_workstation 2.0
redhat enterprise_linux_workstation 3.0
novell suse_linux 10.0
CVE-2007-6716 MEDIUM

fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
canonical ubuntu_linux 8.04
suse suse_linux_enterprise_server 10
canonical ubuntu_linux 7.10
suse suse_linux_enterprise_desktop 10
canonical ubuntu_linux 6.06
debian debian_linux 4.0
linux linux_kernel *
opensuse opensuse 10.3
novell linux_desktop 9
CVE-2007-6734 MEDIUM

NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories outside of the home server via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell netware 6.5
novell netware_ftp_server *
CVE-2007-6735 HIGH

NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended access restrictions via an FTP session.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell netware *
novell netware_ftp_server *
CVE-2008-2812 HIGH

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-476,

Products Affected

Vendor Product Version
opensuse opensuse 11.0
avaya messaging_storage_server 4.0
avaya sip_enablement_services 4.0
avaya communication_manager *
avaya expanded_meet-me_conferencing *
suse suse_linux_enterprise_desktop 10
canonical ubuntu_linux 6.06
debian debian_linux 4.0
opensuse opensuse 10.3
avaya intuity_audix_lx 2.0
canonical ubuntu_linux 7.04
canonical ubuntu_linux 8.04
avaya meeting_exchange 5.0
avaya message_networking 3.1
suse suse_linux_enterprise_server 10
canonical ubuntu_linux 7.10
avaya sip_enablement_services -
linux linux_kernel *
avaya proactive_contact 4.0
novell linux_desktop 9
CVE-2008-2931 HIGH

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-269,

Products Affected

Vendor Product Version
canonical ubuntu_linux 7.04
canonical ubuntu_linux 8.04
canonical ubuntu_linux 7.10
opensuse opensuse *
canonical ubuntu_linux 6.06
debian debian_linux 4.0
novell suse_linux_enterprise_desktop 10.0
linux linux_kernel *
novell suse_linux_enterprise_server 10.0
CVE-2008-5021 HIGH

nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by modifying properties of a file input element while it is still being initialized, then using the blur method to access uninitialized memory.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-362,

Products Affected

Vendor Product Version
opensuse opensuse 11.0
fedoraproject fedora 8
suse linux_enterprise_debuginfo 10
canonical ubuntu_linux 6.06
debian debian_linux 4.0
mozilla thunderbird *
canonical ubuntu_linux 8.10
mozilla firefox *
opensuse opensuse 10.2
suse linux_enterprise_desktop 10
suse linux_enterprise_server 9
opensuse opensuse 10.3
novell open_enterprise_server -
canonical ubuntu_linux 8.04
canonical ubuntu_linux 7.10
suse linux_enterprise_server 10
suse linux_enterprise_software_development_kit 10
mozilla seamonkey *
novell linux_desktop 9
fedoraproject fedora 9
CVE-2008-5038 HIGH

Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 SP10 before 8.7.3 SP10 FTF1 and 8.8 SP2 for Windows allows remote attackers to cause a denial of service and possibly execute arbitrary code via a sequence of "Get NCP Extension Information By Name" requests that cause one thread to operate on memory after it has been freed in another thread, which triggers memory corruption, aka Novell Bug 373852.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
novell edirectory 8.7.3
novell edirectory 8.8
novell edirectory *
CVE-2009-0115 HIGH

The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux Enterprise Server (SLES), Fedora, and possibly other operating systems, uses world-writable permissions for the socket file (aka /var/run/multipathd.sock), which allows local users to send arbitrary commands to the multipath daemon.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-732,

Products Affected

Vendor Product Version
avaya messaging_storage_server 4.0
fedoraproject fedora 10
juniper ctpview 7.1
debian debian_linux 5.0
debian debian_linux 4.0
juniper ctpview *
suse linux_enterprise_server 9
suse linux_enterprise_desktop 9
christophe.varoqui multipath-tools 0.4.8
avaya intuity_audix_lx 2.0
novell open_enterprise_server -
avaya message_networking 3.1
avaya messaging_storage_server 3.0
opensuse opensuse *
avaya messaging_storage_server 5.0
suse linux_enterprise_server 10
fedoraproject fedora 9
CVE-2009-2707 MEDIUM

Unspecified vulnerability in ia32el (aka the IA 32 emulation functionality) before 7042_7022-0.4.2 in SUSE Linux Enterprise (SLE) 10 SP2 on Itanium IA64 machines allows local users to cause a denial of service (system crash) via a 32-bit x86 application.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 10
CVE-2009-3547 MEDIUM

Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.0 HIGH CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H 1.0 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,CWE-476,CWE-672,

Products Affected

Vendor Product Version
opensuse opensuse 11.0
vmware esx 4.0
fedoraproject fedora 10
suse suse_linux_enterprise_desktop 10
canonical ubuntu_linux 6.06
canonical ubuntu_linux 8.10
canonical ubuntu_linux 8.04
canonical ubuntu_linux 9.04
vmware vma 4.0
opensuse opensuse 11.2
suse suse_linux_enterprise_server 10
linux linux_kernel *
canonical ubuntu_linux 9.10
linux linux_kernel 2.6.32
novell linux_desktop 9
CVE-2009-4653 HIGH

Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to cause a denial of service (dhost.exe crash) and possibly execute arbitrary code via a long string to /dhost/modules?I:.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell edirectory 8.8
CVE-2009-4654 HIGH

Stack-based buffer overflow in the dhost module in Novell eDirectory 8.8 SP5 for Windows allows remote authenticated users to execute arbitrary code via long sadminpwd and verifypwd parameters in a submit action to /dhost/httpstk.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell edirectory 8.8
CVE-2009-4655 HIGH

The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-310,

Products Affected

Vendor Product Version
novell edirectory 8.8.5
CVE-2009-4662 MEDIUM

Cross-site scripting (XSS) vulnerability in the WebAccess component in Novell GroupWise 7.0 before 7.03 HP4 and 8.0 before 8.0 SP1 allows remote attackers to inject arbitrary web script or HTML via the User.Theme.index parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell groupwise 7.03
novell groupwise 8.0
novell groupwise 7.01
novell groupwise 7.0
CVE-2009-4878 MEDIUM

Unspecified vulnerability in the Administration Console in Novell Access Manager before 3.1 SP1 allows attackers to access system files via unknown attack vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell access_manager 3
novell access_manager *
CVE-2009-4879 MEDIUM

The Identity Server in Novell Access Manager before 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
novell access_manager 3
novell access_manager *
CVE-2010-0284 HIGH

Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component in a servlet in nps.jar in the Administration Console (aka Access Management Console) in Novell Access Manager 3.1 before 3.1.2-281 on Windows allows remote attackers to create arbitrary files with any contents, and consequently execute arbitrary code, via a .. (dot dot) in a parameter, aka ZDI-CAN-678.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell access_manager 3.1
CVE-2010-0625 MEDIUM

Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long (1) MKD, (2) RMD, (3) RNFR, or (4) DELE command.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware_ftp_server 5.07
novell netware_ftp_server 5.01o
novell netware_ftp_server 5.02r
novell netware 6.0
novell netware_ftp_server 5.01w
novell netware_ftp_server 5.04.25
novell netware_ftp_server 5.01y
novell netware_ftp_server 5.07.02
novell netware_ftp_server 5.02y
novell netware_ftp_server 5.05
novell netware_ftp_server 5.06.05
novell netware_ftp_server 5.02i
novell netware_ftp_server 5.05.04
novell netware 6.5
novell netware_ftp_server 5.03b
novell netware_ftp_server 5.03l
novell netware_ftp_server 5.06.04
novell netware_ftp_server 5.04.5
novell netware_ftp_server 5.04.20
novell netware_ftp_server 5.02b
novell netware_ftp_server 5.04.8
novell netware_ftp_server 5.01i
CVE-2010-0666 MEDIUM

Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote attackers to cause a denial of service (crash) via unknown a crafted SOAP request, a different issue than CVE-2008-0926.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell edirectory 8.7.1
novell edirectory 8.5
novell edirectory *
novell edirectory 8.7.3
novell edirectory 8.6.2
novell edirectory 8.7
novell edirectory 8.8
novell edirectory 8.7.3.8
novell edirectory 8.5.27
novell edirectory 8.7.3.9
novell edirectory 8.7.3.8_presp9
novell edirectory 8.5.12a
CVE-2010-1325 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Management Server (SLMS) 1.0 on SUSE Linux Enterprise (SLE) 11 allows remote attackers to hijack the authentication of unspecified victims via vectors related to improper parameter quoting. NOTE: some sources report that this is a vulnerability in a product named "Apache SLMS," but that is incorrect.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
novell suse_lifecycle_management_server 1.0
CVE-2010-1507 MEDIUM

WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed secret key that is embedded in the appliance's image, which allows remote attackers to spoof session cookies by leveraging knowledge of this key.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-255,

Products Affected

Vendor Product Version
novell suse_linux 11
CVE-2010-1527 HIGH

Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute arbitrary code via a long call-back-url parameter in an op-client-interface-version action.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 4.28
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2010-1929 HIGH

Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or (2) NewClassName parameter to nps/servlet/webacc.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell imanager 2.7.3
novell imanager 2.7.0
CVE-2010-1930 MEDIUM

Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-189,

Products Affected

Vendor Product Version
novell imanager 2.7.3
novell imanager 2.7.0
CVE-2010-2351 HIGH

Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to execute arbitrary code via a Sessions Setup AndX packet with a long AccountName.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware *
novell netware 6.5
novell netware 6.0
novell netware 5.0
CVE-2010-2777 HIGH

Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to execute arbitrary code via a long mailbox name in a CREATE command.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell groupwise 8.0
novell groupwise 7.0
CVE-2010-2778 MEDIUM

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FTF and 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to a "Javascript XSS exploit."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell groupwise 8.0
novell groupwise 7.0
CVE-2010-2779 MEDIUM

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 8.x before 8.0 SP2 allows remote attackers to inject arbitrary web script or HTML via a crafted message, related to "replies."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell groupwise 8.0
CVE-2010-3105 HIGH

The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized memory location as a pointer value, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 4.28
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2010-3106 HIGH

The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not properly validate the debug parameter, which allows remote attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via a parameter value with a crafted length, related to the ExecuteRequest method.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 4.28
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2010-3107 HIGH

A certain ActiveX control in ienipp.ocx in the browser plugin in Novell iPrint Client before 5.42 does not properly restrict the set of files to be deleted, which allows remote attackers to cause a denial of service (recursive file deletion) via unspecified vectors related to a "logic flaw" in the CleanUploadFiles method in the nipplib.dll module.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 4.28
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2010-3108 HIGH

Buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code by using EMBED elements to pass parameters with long names.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 4.28
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2010-3109 HIGH

Stack-based buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to execute arbitrary code via a long operation parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 4.28
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2010-3110 HIGH

Multiple buffer overflows in the Novell Client novfs module for the Linux kernel in SUSE Linux Enterprise 11 SP1 and openSUSE 11.3 allow local users to gain privileges via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
opensuse opensuse 11.3
novell suse_linux 11
CVE-2010-3264 LOW

The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tmp/idmInstall.log, which allows local users to obtain sensitive information by reading this file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-255,

Products Affected

Vendor Product Version
novell identity_manager 3.6.1
CVE-2010-3912 HIGH

The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disguise passwords" in configuration files, which has unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-255,

Products Affected

Vendor Product Version
novell suse_linux 10
novell suse_linux 11
CVE-2010-4227 HIGH

The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or execute arbitrary code via a crafted, signed value in a NFS RPC request to port UDP 1234, leading to a stack-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell netware *
novell netware 6.5
CVE-2010-4228 HIGH

Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute arbitrary code or cause a denial of service (abend) via a long DELE command, a different vulnerability than CVE-2010-0625.4.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell netware 5.1
novell netware 6.5
novell netware 6.0
CVE-2010-4229 HIGH

Directory traversal vulnerability in an unspecified servlet in the Inventory component in ZENworks Asset Management (ZAM) in Novell ZENworks Configuration Management 10.3 before 10.3.2, and 11, allows remote attackers to overwrite files, and subsequently execute arbitrary code, via directory traversal sequences in a filename field in an upload request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 11
novell zenworks_configuration_management 10.3
novell zenworks_configuration_management 10.3.1
CVE-2010-4254 HIGH

Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic methods, which allows remote attackers to bypass generic constraints, and possibly execute arbitrary code, via a crafted method call.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
novell moonlight 2.99.0
novell moonlight *
novell moonlight 2.99.2
novell moonlight 2.99.9
mono mono *
novell moonlight 2.99.1
novell moonlight 2.99.7
CVE-2010-4299 HIGH

Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 Handheld Management (ZHM) allows remote attackers to execute arbitrary code via a crafted request to TCP port 2400.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell zenworks_handheld_management 7
CVE-2010-4314 HIGH

Remote attackers can use the iPrint web-browser ActiveX plugin in Novell iPrint Client before 5.42 for Windows XP/Vista/Win7 to execute code by overflowing the "name" parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint *
CVE-2010-4321 HIGH

Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows remote attackers to execute arbitrary code via a long argument to (1) the GetDriverSettings2 method, as reachable by (2) the GetDriverSettings method.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint_client 5.52
CVE-2010-4322 LOW

Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog (aka What Are You Working On?) field.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell vibe_onprem 3
CVE-2010-4323 HIGH

Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell zenworks_configuration_manager 10.3.2
novell zenworks_configuration_manager *
novell zenworks_configuration_manager 10.3.1
CVE-2010-4324 MEDIUM

Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles Based Provisioning Module 3.7.0 before 370D in Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell identity_manager *
novell identity_manager_roles_based_provisioning_module *
CVE-2010-4325 HIGH

Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 allows remote attackers to execute arbitrary code via a crafted TZID variable in a VCALENDAR message.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 7.0.3
novell groupwise 8.0
novell groupwise 5.0
novell groupwise 7.0
novell groupwise 7.0.4
novell groupwise 5.2
novell groupwise 5.57e
novell groupwise 6.5.2
novell groupwise 7.0.1
novell groupwise 6.5.3
novell groupwise 4.1
novell groupwise 6.5.4
novell groupwise 5.5
novell groupwise 8.0.1
novell groupwise 6.5.6
novell groupwise 5.1
novell groupwise 6.5
novell groupwise 6.5.7
novell groupwise 6.0
novell groupwise 6.0.1
novell groupwise 4.1a
novell groupwise 7.0.2
CVE-2010-4326 HIGH

Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via variables in a VCALENDAR message, as demonstrated by a long (1) REQUEST-STATUS, (2) TZNAME, (3) COMMENT, or (4) RRULE variable in this message.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 7.0.3
novell groupwise 8.0
novell groupwise 5.0
novell groupwise 7.0
novell groupwise 7.0.4
novell groupwise 5.2
novell groupwise 5.57e
novell groupwise 6.5.2
novell groupwise 7.0.1
novell groupwise 6.5.3
novell groupwise 4.1
novell groupwise 6.5.4
novell groupwise 5.5
novell groupwise 8.0.1
novell groupwise 6.5.6
novell groupwise 5.1
novell groupwise 6.5
novell groupwise 6.5.7
novell groupwise 6.0
novell groupwise 6.0.1
novell groupwise 4.1a
novell groupwise 7.0.2
CVE-2010-4327 MEDIUM

Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell edirectory 8.8.5
novell edirectory 8.8.6
CVE-2010-4328 HIGH

Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd in Novell iPrint for Linux Open Enterprise Server 2 SP2 and SP3 allow remote attackers to execute arbitrary code via unspecified LPR opcodes.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint_open_enterprise_server 2
CVE-2010-4711 HIGH

Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a large parameter in a LIST command.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 7.0.3
novell groupwise 8.0
novell groupwise 5.0
novell groupwise 7.0
novell groupwise 7.0.4
novell groupwise 5.2
novell groupwise 5.57e
novell groupwise 6.5.2
novell groupwise 7.0.1
novell groupwise 6.5.3
novell groupwise 4.1
novell groupwise 6.5.4
novell groupwise 5.5
novell groupwise 8.0.1
novell groupwise 6.5.6
novell groupwise 5.1
novell groupwise 6.5
novell groupwise 6.5.7
novell groupwise 6.0
novell groupwise 6.0.1
novell groupwise 4.1a
novell groupwise 7.0.2
CVE-2010-4712 HIGH

Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a Content-Type header containing (1) multiple items separated by ; (semicolon) characters or (2) crafted string data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 7.0.3
novell groupwise 8.0
novell groupwise 5.0
novell groupwise 7.0
novell groupwise 7.0.4
novell groupwise 5.2
novell groupwise 5.57e
novell groupwise 6.5.2
novell groupwise 7.0.1
novell groupwise 6.5.3
novell groupwise 4.1
novell groupwise 6.5.4
novell groupwise 5.5
novell groupwise 8.0.1
novell groupwise 6.5.6
novell groupwise 5.1
novell groupwise 6.5
novell groupwise 6.5.7
novell groupwise 6.0
novell groupwise 6.0.1
novell groupwise 4.1a
novell groupwise 7.0.2
CVE-2010-4713 HIGH

Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allows remote attackers to execute arbitrary code via a signed integer value in the Content-Type header.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 7.0.3
novell groupwise 8.0
novell groupwise 5.0
novell groupwise 7.0
novell groupwise 7.0.4
novell groupwise 5.2
novell groupwise 5.57e
novell groupwise 6.5.2
novell groupwise 7.0.1
novell groupwise 6.5.3
novell groupwise 4.1
novell groupwise 6.5.4
novell groupwise 5.5
novell groupwise 8.0.1
novell groupwise 6.5.6
novell groupwise 5.1
novell groupwise 6.5
novell groupwise 6.5.7
novell groupwise 6.0
novell groupwise 6.0.1
novell groupwise 4.1a
novell groupwise 7.0.2
CVE-2010-4714 HIGH

Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) gwpoa.exe in the Post Office Agent, (2) gwmta.exe in the Message Transfer Agent, (3) gwia.exe in the Internet Agent, (4) the WebAccess Agent, or (5) the Monitor Agent.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 7.0.3
novell groupwise 8.0
novell groupwise 5.0
novell groupwise 7.0
novell groupwise 7.0.4
novell groupwise 5.2
novell groupwise 5.57e
novell groupwise 6.5.2
novell groupwise 7.0.1
novell groupwise 6.5.3
novell groupwise 4.1
novell groupwise 6.5.4
novell groupwise 5.5
novell groupwise 8.0.1
novell groupwise 6.5.6
novell groupwise 5.1
novell groupwise 6.5
novell groupwise 6.5.7
novell groupwise 6.0
novell groupwise 6.0.1
novell groupwise 4.1a
novell groupwise 7.0.2
CVE-2010-4715 MEDIUM

Multiple directory traversal vulnerabilities in the (1) WebAccess Agent and (2) Document Viewer Agent components in Novell GroupWise before 8.02HP allow remote attackers to read arbitrary files via unspecified vectors. NOTE: some of these details are obtained from third party information.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 7.0.3
novell groupwise 8.0
novell groupwise 5.0
novell groupwise 7.0
novell groupwise 7.0.4
novell groupwise 5.2
novell groupwise 5.57e
novell groupwise 6.5.2
novell groupwise 7.0.1
novell groupwise 6.5.3
novell groupwise 4.1
novell groupwise 6.5.4
novell groupwise 5.5
novell groupwise 8.0.1
novell groupwise 6.5.6
novell groupwise 5.1
novell groupwise 6.5
novell groupwise 6.5.7
novell groupwise 6.0
novell groupwise 6.0.1
novell groupwise 4.1a
novell groupwise 7.0.2
CVE-2010-4716 MEDIUM

Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8.02HP allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 7.0.3
novell groupwise 8.0
novell groupwise 5.0
novell groupwise 7.0
novell groupwise 7.0.4
novell groupwise 5.2
novell groupwise 5.57e
novell groupwise 6.5.2
novell groupwise 7.0.1
novell groupwise 6.5.3
novell groupwise 4.1
novell groupwise 6.5.4
novell groupwise 5.5
novell groupwise 8.0.1
novell groupwise 6.5.6
novell groupwise 5.1
novell groupwise 6.5
novell groupwise 6.5.7
novell groupwise 6.0
novell groupwise 6.0.1
novell groupwise 4.1a
novell groupwise 7.0.2
CVE-2010-4717 MEDIUM

Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP allow remote attackers to execute arbitrary code via a long (1) LIST or (2) LSUB command.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 7.0.3
novell groupwise 8.0
novell groupwise 5.0
novell groupwise 7.0
novell groupwise 7.0.4
novell groupwise 5.2
novell groupwise 5.57e
novell groupwise 6.5.2
novell groupwise 7.0.1
novell groupwise 6.5.3
novell groupwise 4.1
novell groupwise 6.5.4
novell groupwise 5.5
novell groupwise 8.0.1
novell groupwise 6.5.6
novell groupwise 5.1
novell groupwise 6.5
novell groupwise 6.5.7
novell groupwise 6.0
novell groupwise 6.0.1
novell groupwise 4.1a
novell groupwise 7.0.2
CVE-2011-0333 HIGH

Heap-based buffer overflow in the NgwiCalVTimeZoneBody::ParseSelf function in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted TZNAME variable in a VCALENDAR attachment in an e-mail message, related to an "integer truncation error."

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell groupwise 8.0
CVE-2011-0334 HIGH

Stack-based buffer overflow in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a long HTTP request for a .css file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell groupwise 8.0
CVE-2011-0462 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the login page in the webui component in SUSE openSUSE Build Service (OBS) before 2.1.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell opensuse_build_service 1.5
novell opensuse_build_service 1.7.7
novell opensuse_build_service 2.1.1
novell opensuse_build_service 1.7.0
novell opensuse_build_service 2.0.3
novell opensuse_build_service 2.0.7
novell opensuse_build_service 1.9.91
novell opensuse_build_service 2.0.106
novell opensuse_build_service 2.0.6
novell opensuse_build_service *
novell opensuse_build_service 1.8
novell opensuse_build_service 2.0.2
novell opensuse_build_service 1.9.90
novell opensuse_build_service 1.0
novell opensuse_build_service 1.7
novell opensuse_build_service 2.0.16
novell opensuse_build_service 2.0.104
novell opensuse_build_service 1.7.2
novell opensuse_build_service 2.1.2
novell opensuse_build_service 2.1.3
novell opensuse_build_service 2.0.8
novell opensuse_build_service 2.0.0
novell opensuse_build_service 2.1
novell opensuse_build_service 2.1.4
novell opensuse_build_service 1.6
novell opensuse_build_service 1.7.6
novell opensuse_build_service 1.9.92
novell opensuse_build_service 2.0.1
novell opensuse_build_service 1.7.4
novell opensuse_build_service 2.0.5
novell opensuse_build_service 2.1.5
novell opensuse_build_service 1.7.5
novell opensuse_build_service 2.0.4
novell opensuse_build_service 2.0
novell opensuse_build_service 2.1.0
novell opensuse_build_service 2.0.103
novell opensuse_build_service 1.7.3
CVE-2011-0464 HIGH

Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell vibe_onprem 3.0
CVE-2011-0466 MEDIUM

The API in SUSE openSUSE Build Service (OBS) 2.0.x before 2.0.8 and 2.1.x before 2.1.6 allows attackers to bypass intended write-access restrictions and modify a (1) package or (2) project via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell opensuse_build_service 2.1.2
novell opensuse_build_service 2.1.3
novell opensuse_build_service 2.1.5.1
novell opensuse_build_service 2.1.1
novell opensuse_build_service 2.0.0
novell opensuse_build_service 2.0.3
novell opensuse_build_service 2.1
novell opensuse_build_service 2.1.4
novell opensuse_build_service 2.0.7
novell opensuse_build_service 2.0.106
novell opensuse_build_service 2.0.1
novell opensuse_build_service 2.0.6
novell opensuse_build_service 2.0.2
novell opensuse_build_service 2.0.5
novell opensuse_build_service 2.1.5
novell opensuse_build_service 2.0.4
novell opensuse_build_service 2.0.16
novell opensuse_build_service 2.0
novell opensuse_build_service 2.0.104
novell opensuse_build_service 2.1.0
novell opensuse_build_service 2.0.103
CVE-2011-0742 HIGH

Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell zenworks_handheld_management 7
CVE-2011-0988 MEDIUM

pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell suse_linux 10
pureftpd pure-ftpd 1.0.22
novell suse_linux 11
CVE-2011-0989 MEDIUM

The RuntimeHelpers.InitializeArray method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, does not properly restrict data types, which allows remote attackers to modify internal read-only data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file, as demonstrated by modifying a C# struct.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell moonlight 2.0
novell moonlight 2.3.0
novell moonlight 2.4
novell moonlight 3.99
novell moonlight 3.0
mono mono *
novell moonlight 2.31
CVE-2011-0990 MEDIUM

Race condition in the FastCopy optimization in the Array.Copy method in metadata/icall.c in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to trigger a buffer overflow and modify internal data structures, and cause a denial of service (plugin crash) or corrupt the internal state of the security manager, via a crafted media file in which a thread makes a change after a type check but before a copy action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
novell moonlight 2.0
novell moonlight 2.3.0
novell moonlight 2.4
novell moonlight 3.99
novell moonlight 3.0
mono mono *
novell moonlight 2.31
CVE-2011-0991 MEDIUM

Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to finalizing and then resurrecting a DynamicMethod instance.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
novell moonlight 2.0
novell moonlight 2.3.0
novell moonlight 2.4
novell moonlight 3.99
novell moonlight 3.0
mono mono *
novell moonlight 2.31
CVE-2011-0992 MEDIUM

Use-after-free vulnerability in Mono, when Moonlight 2.x before 2.4.1 or 3.x before 3.99.3 is used, allows remote attackers to cause a denial of service (plugin crash) or obtain sensitive information via vectors related to member data in a resurrected MonoThread instance.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
novell moonlight 2.0
novell moonlight 2.3.0
novell moonlight 2.4
novell moonlight 3.99
novell moonlight 3.0
mono mono *
novell moonlight 2.31
CVE-2011-0994 HIGH

Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter (NFR) before 1.0.2 allows remote attackers to execute arbitrary code via unspecified XML data.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell file_reporter *
CVE-2011-0995 LOW

The sqlite3-ruby gem in the rubygem-sqlite3 package before 1.2.4-0.5.1 in SUSE Linux Enterprise (SLE) 11 SP1 uses weak permissions for unspecified files, which allows local users to gain privileges via unknown vectors.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
rubyforge rubygem-sqlite3 1.2.0
novell suse_linux_enterprise 11
rubyforge rubygem-sqlite3 *
rubyforge rubygem-sqlite3 1.2.1
rubyforge rubygem-sqlite3 1.2.2
CVE-2011-1551 MEDIUM

SUSE openSUSE Factory assigns ownership of the /var/log/cobbler/ directory tree to the web-service user account, which might allow local users to gain privileges by leveraging access to this account during root filesystem operations by the Cobbler daemon.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell opensuse_factory *
CVE-2011-1696 MEDIUM

Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 692972.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell identity_manager_user_application 3.5.0
novell identity_manager_user_application 3.5.1
novell identity_manager_user_application 3.6.1
novell identity_manager_roles_based_provisioning_module 3.6.1
novell identity_manager_user_application 3.7.0
novell identity_manager_roles_based_provisioning_module 4.0.0
novell identity_manager_roles_based_provisioning_module 3.7.0
novell identity_manager_roles_based_provisioning_module 3.6.0
novell identity_manager_user_application 3.6.0
novell identity_manager_user_application 4.0.0
CVE-2011-1699 HIGH

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted uri parameter in a printer-url.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 5.56
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2011-1700 HIGH

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-time parameter in a printer-url.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 5.56
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2011-1701 HIGH

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted profile-name parameter in a printer-url.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 5.56
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2011-1702 HIGH

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted file-date-time parameter in a printer-url.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 5.56
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2011-1703 HIGH

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted driver-version parameter in a printer-url.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 5.56
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2011-1704 HIGH

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted core-package parameter in a printer-url.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 5.56
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2011-1705 HIGH

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 5.56
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2011-1706 HIGH

Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted iprint-client-config-info parameter in a printer-url.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 5.56
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2011-1707 HIGH

Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs parameter in a printer-url.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 5.56
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2011-1708 HIGH

Stack-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.64 allows remote attackers to execute arbitrary code via a crafted op-printer-list-all-jobs cookie.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 5.56
novell iprint 4.26
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.27
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.12
novell iprint 5.20b
CVE-2011-1710 HIGH

Multiple integer overflows in the HTTP server in the Novell XTier framework 3.1.8 allow remote attackers to cause a denial of service (service crash) or possibly execute arbitrary code via crafted header length variables.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
novell xtier_framework 3.1.8
CVE-2011-1711 MEDIUM

Unspecified vulnerability in the Mobility Pack 1.1.2 and earlier in Novell Data Synchronizer 1.0.x, and 1.1.x through 1.1.1 build 428, allows remote authenticated users to access the accounts of other users via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell mobility_pack 1.1
novell data_synchronizer 1.1.1
novell data_synchronizer 1.0.0
novell mobility_pack *
novell mobility_pack 1.1.1
novell data_synchronizer 1.1.0
CVE-2011-2218 MEDIUM

Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2219.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell groupwise 8.0
CVE-2011-2219 MEDIUM

Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2218.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell groupwise 8.0
CVE-2011-2220 HIGH

Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell file_reporter *
novell file_reporter_engine *
CVE-2011-2221 MEDIUM

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to bypass WebAdmin authentication and obtain sensitive GroupWise information via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell mobility_pack 1.1
novell data_synchronizer 1.1.1
novell data_synchronizer 1.0.0
novell mobility_pack 1.1.2
novell mobility_pack 1.1.1
novell mobility_pack 1.0
novell data_synchronizer 1.1.0
novell data_synchronizer 1.1.2
CVE-2011-2222 MEDIUM

Session fixation vulnerability in WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 allows remote attackers to hijack web sessions via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell mobility_pack 1.1
novell data_synchronizer 1.1.1
novell data_synchronizer 1.0.0
novell mobility_pack 1.1.2
novell mobility_pack 1.1.1
novell mobility_pack 1.0
novell data_synchronizer 1.1.0
novell data_synchronizer 1.1.2
CVE-2011-2223 MEDIUM

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 sends the Admin LDAP password in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
novell mobility_pack 1.1
novell data_synchronizer 1.1.1
novell data_synchronizer 1.0.0
novell mobility_pack 1.1.2
novell mobility_pack 1.1.1
novell mobility_pack 1.0
novell data_synchronizer 1.1.0
novell data_synchronizer 1.1.2
CVE-2011-2224 MEDIUM

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not include the HTTPOnly flag in a Set-Cookie header, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell mobility_pack 1.1
novell data_synchronizer 1.1.1
novell data_synchronizer 1.0.0
novell mobility_pack *
novell mobility_pack 1.1.1
novell mobility_pack 1.0
novell data_synchronizer 1.1.0
novell data_synchronizer 1.1.2
CVE-2011-2225 HIGH

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to have an unknown impact via a crafted directory pathname that is inserted into config.sh.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
marcus_schafer kiwi *
novell suse_studio_onsite 1.1
CVE-2011-2226 MEDIUM

Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to a pattern listing.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
marcus_schafer kiwi *
novell suse_studio_onsite 1.1
CVE-2011-2227 MEDIUM

Cross-site scripting (XSS) vulnerability in Novell Identity Manager (aka IDM) User Application 3.5.0, 3.5.1, 3.6.0, 3.6.1, 3.7.0, and 4.0.0, and Identity Manager Roles Based Provisioning Module 3.6.0, 3.6.1, 3.7.0, and 4.0.0, allows remote attackers to inject arbitrary web script or HTML via the apwaDetail (aka apwaDetailId) parameter, aka Bug 709603.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell identity_manager_user_application 3.5.0
novell identity_manager_user_application 3.5.1
novell identity_manager_user_application 3.6.1
novell identity_manager_roles_based_provisioning_module 3.6.1
novell identity_manager_user_application 3.7.0
novell identity_manager_roles_based_provisioning_module 4.0.0
novell identity_manager_roles_based_provisioning_module 3.7.0
novell identity_manager_roles_based_provisioning_module 3.6.0
novell identity_manager_user_application 3.6.0
novell identity_manager_user_application 4.0.0
CVE-2011-2644 MEDIUM

Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, related to an RPM info display.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
marcus_schafer kiwi *
novell suse_studio_onsite 1.1
CVE-2011-2645 HIGH

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename for a custom RPM.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
marcus_schafer kiwi *
novell suse_studio_onsite 1.1
CVE-2011-2646 HIGH

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename in the list of testdrive modified files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
marcus_schafer kiwi *
novell suse_studio_onsite 1.1
CVE-2011-2647 HIGH

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted archive name in the list of testdrive modified files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
marcus_schafer kiwi *
novell suse_studio_onsite 1.1
CVE-2011-2648 HIGH

Unspecified vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a filter in a modified file.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
marcus_schafer kiwi *
novell suse_studio_onsite 1.1
CVE-2011-2649 HIGH

Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows attackers to execute arbitrary commands via shell metacharacters in an unspecified FileUtils function call.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
marcus_schafer kiwi *
novell suse_studio_onsite 1.1
CVE-2011-2650 MEDIUM

Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted pattern name that is included in an RPM info display.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
marcus_schafer kiwi *
novell suse_studio_onsite 1.1
CVE-2011-2651 HIGH

Unspecified vulnerability in the file browser in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to execute arbitrary code via a crafted filename.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
marcus_schafer kiwi *
novell suse_studio_onsite 1.1
CVE-2011-2652 MEDIUM

Cross-site scripting (XSS) vulnerability in Kiwi before 3.74.2, as used in SUSE Studio 1.1 before 1.1.4, allows remote attackers to inject arbitrary web script or HTML via a crafted archive file list that is used in an overlay file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
marcus_schafer kiwi *
novell suse_studio_onsite 1.1
CVE-2011-2653 HIGH

Directory traversal vulnerability in the rtrlet component in Novell ZENworks Asset Management (ZAM) 7.5 allows remote attackers to execute arbitrary code by uploading an executable file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell zenworks_asset_management 7.5
CVE-2011-2654 HIGH

The RPC implementation in the server in Novell Cloud Manager 1.1.2 before Patch 3 does not properly initialize objects, which allows remote attackers to execute arbitrary code by making RPC calls that leverage incorrect privileges associated with a partially initialized session.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
novell cloud_manager *
novell cloud_manager 1.1.2
CVE-2011-2655 HIGH

Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2656.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell zenworks_handheld_management 7
CVE-2011-2656 HIGH

Unspecified vulnerability in ZfHSrvr.exe in Novell ZENworks Handheld Management (ZHM) 7 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-2655.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell zenworks_handheld_management 7.0.2.61213
novell zenworks_handheld_management 7
CVE-2011-2661 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 8.0 before HP3 allow remote attackers to inject arbitrary web script or HTML via the (1) Directory.Item.name or (2) Directory.Item.displayName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell groupwise 8.0
CVE-2011-2662 HIGH

Integer signedness error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a negative BYWEEKNO property in a weekly RRULE variable in a VCALENDAR attachment in an e-mail message.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
novell groupwise 8.0
CVE-2011-2663 HIGH

Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell groupwise 8.0
CVE-2011-2750 MEDIUM

NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote attackers to delete arbitrary files via a full pathname in an SRS OPERATION 4 CMD 5 request to /FSF/CMD.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
novell file_reporter 1.0.2
novell file_reporter *
novell file_reporter 1.0.1
novell file_reporter 1.0.1.1
CVE-2011-3013 MEDIUM

WebAdmin in the Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 supports weak SSL ciphers, which makes it easier for remote attackers to obtain access via a brute-force attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
novell mobility_pack 1.1
novell data_synchronizer 1.1.1
novell data_synchronizer 1.0.0
novell mobility_pack 1.1.2
novell mobility_pack 1.1.1
novell mobility_pack 1.0
novell data_synchronizer 1.1.0
novell data_synchronizer 1.1.2
CVE-2011-3014 MEDIUM

The Mobility Pack before 1.2 in Novell Data Synchronizer 1.x through 1.1.2 build 428 does not properly restrict caching of HTTPS responses, which makes it easier for remote attackers to obtain sensitive information by leveraging an unattended workstation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell mobility_pack 1.1
novell data_synchronizer 1.1.1
novell data_synchronizer 1.0.0
novell mobility_pack 1.1.2
novell mobility_pack 1.1.1
novell mobility_pack 1.0
novell data_synchronizer 1.1.0
novell data_synchronizer 1.1.2
CVE-2011-3173 HIGH

Stack-based buffer overflow in the GetDriverSettings function in nipplib.dll in the iPrint client in Novell Open Enterprise Server 2 (aka OES2) SP3 allows remote attackers to execute arbitrary code via a long (1) hostname or (2) port field.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint_open_enterprise_server_2 *
CVE-2011-3175 HIGH

Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x6c request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 11.1
novell zenworks_configuration_management 11.1a
CVE-2011-3176 HIGH

Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to execute arbitrary code via an opcode 0x4c request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 11.1
novell zenworks_configuration_management 11.1a
CVE-2011-3179 MEDIUM

The server process in Novell Messenger 2.1 and 2.2.x before 2.2.1, and Novell GroupWise Messenger 2.04 and earlier, allows remote attackers to read from arbitrary memory locations via a crafted command.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell groupwise_messenger 2.0.3
novell messenger 2.1
novell groupwise_messenger *
novell groupwise_messenger 1.0.6
novell messenger 2.2.0
novell groupwise_messenger 2.0
novell groupwise_messenger 2.0.2
novell groupwise_messenger 2.0.1
CVE-2011-4185 HIGH

The GetPrinterURLList2 method in the ActiveX control in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2008-2431 and CVE-2008-2436.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 4.26
novell iprint 4.27
novell iprint 5.12
novell iprint 5.68
novell iprint 5.56
novell iprint 5.64
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 5.72
novell iprint 5.60
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.20b
CVE-2011-4186 HIGH

Heap-based buffer overflow in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a crafted client-file-name parameter in a printer-url, a different vulnerability than CVE-2011-1705.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 4.26
novell iprint 4.27
novell iprint 5.12
novell iprint 5.68
novell iprint 5.56
novell iprint 5.64
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 5.72
novell iprint 5.60
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.20b
CVE-2011-4187 HIGH

Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 4.26
novell iprint 4.27
novell iprint 5.12
novell iprint 5.68
novell iprint 5.56
novell iprint 5.64
novell iprint 4.30
novell iprint 5.30
novell iprint 5.40
novell iprint 5.72
novell iprint 5.60
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.20b
CVE-2011-4188 MEDIUM

Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issue to CVE-2010-1929.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell imanager 2.0.2
novell imanager 2.6.0
novell imanager 2.7.3
novell imanager 2.0
novell imanager 1.5
novell imanager 2.7.0
novell imanager 2.5
novell imanager *
CVE-2011-4189 HIGH

The client in Novell GroupWise 8.0x through 8.02HP3 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption and application crash) via a long e-mail address in an Address Book (aka .NAB) file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
novell groupwise 8.0
novell groupwise 8.0.2
novell groupwise 8.0.1
CVE-2011-4191 HIGH

Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute arbitrary code or cause a denial of service (abend or NFS outage) via long packets.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell netware 6.5
CVE-2011-4194 HIGH

Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute arbitrary code via a crafted attributes-natural-language field.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell open_enterprise_server 2.0.3
novell open_enterprise_server 2.0.1
novell open_enterprise_server 2
novell open_enterprise_server 2.0.2
CVE-2011-4913 HIGH

The rose_parse_ccitt function in net/rose/rose_subr.c in the Linux kernel before 2.6.39 does not validate the FAC_CCITT_DEST_NSAP and FAC_CCITT_SRC_NSAP fields, which allows remote attackers to (1) cause a denial of service (integer underflow, heap memory corruption, and panic) via a small length value in data sent to a ROSE socket, or (2) conduct stack-based buffer overflow attacks via a large length value in data sent to a ROSE socket.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
linux linux_kernel 2.6.38.2
linux linux_kernel 2.6.38.6
linux linux_kernel 2.6.38.4
linux linux_kernel 2.6.38
linux linux_kernel 2.6.38.7
linux linux_kernel *
novell suse_linux_enterprise_server 10.0
linux linux_kernel 2.6.38.1
linux linux_kernel 2.6.38.3
linux linux_kernel 2.6.38.5
CVE-2011-4914 MEDIUM

The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via crafted data to a ROSE socket.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
linux linux_kernel 2.6.38.2
linux linux_kernel 2.6.38.6
linux linux_kernel 2.6.38.4
linux linux_kernel 2.6.38
linux linux_kernel 2.6.38.7
linux linux_kernel *
novell suse_linux_enterprise_server 10.0
linux linux_kernel 2.6.38.1
linux linux_kernel 2.6.38.3
linux linux_kernel 2.6.38.5
CVE-2011-5028 MEDIUM

Directory traversal vulnerability in novelllogmanager/FileDownload in Novell Sentinel Log Manager 1.2.0.1_938 and earlier, as used in Novell Sentinel before 7.0.1.0, allows remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell sentinel_log_manager *
CVE-2012-0410 MEDIUM

Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 7.0.3
novell groupwise 7.03
novell groupwise 8.0
novell groupwise 7.01
novell groupwise 8.02
novell groupwise 7.0
novell groupwise 7.0.4
novell groupwise 5.2
novell groupwise 8.01
novell groupwise 5.57e
novell groupwise 6.5.2
novell groupwise 6.5.3
novell groupwise 8.00
novell groupwise 6.5.4
novell groupwise 5.5
novell groupwise 6.5.6
novell groupwise 7.02
novell groupwise 6.5
novell groupwise 6.5.7
novell groupwise 6.0
novell groupwise 6.0.1
CVE-2012-2215 MEDIUM

Directory traversal vulnerability in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote attackers to read arbitrary files via an opcode 0x21 request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 11.1
novell zenworks_configuration_management 11.1a
CVE-2012-2223 MEDIUM

The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x before 10.3.4 and 11.x before 11.2 enables the HTTP TRACE method, which might make it easier for remote attackers to conduct cross-site tracing (XST) attacks via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 10.3.3
novell zenworks_configuration_management 11
novell zenworks_configuration_management 11.1
novell zenworks_configuration_management 11.1a
novell zenworks_configuration_management 10.3
novell zenworks_configuration_management 10.3.2
novell zenworks_configuration_management 10.3.1
CVE-2012-2313 LOW

The rio_ioctl function in drivers/net/ethernet/dlink/dl2k.c in the Linux kernel before 3.3.7 does not restrict access to the SIOCSMIIREG command, which allows local users to write data to an Ethernet adapter via an ioctl call.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
redhat enterprise_linux 5
linux linux_kernel 3.3.4
redhat enterprise_linux_server_eus 6.2.z
novell suse_linux_enterprise_server 10.0
redhat enterprise_linux_eus 5.6.z
redhat enterprise_linux_server_aus 6.2
linux linux_kernel 3.3
linux linux_kernel 3.3.3
linux linux_kernel 3.3.1
redhat enterprise_linux_long_life 5.6
redhat enterprise_linux_server_eus 6.1.z
linux linux_kernel *
linux linux_kernel 3.3.2
redhat enterprise_linux_desktop 5.0
linux linux_kernel 3.3.5
CVE-2012-6344 MEDIUM

Novell ZENworks Configuration Management before 11.2.4 allows XSS.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell zenworks_configuration_management *
CVE-2012-6345 MEDIUM

Novell ZENworks Configuration Management before 11.2.4 allows obtaining sensitive trace information.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell zenworks_configuration_management *
CVE-2012-6534 MEDIUM

Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save Query As" "Save As Retention Policy" action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell sentinel_log_manager 1.1.0.0
novell sentinel_log_manager 1.1.0.2
novell sentinel_log_manager 1.2.0.1
novell sentinel_log_manager 1.2
novell sentinel_log_manager 1.0.0.5
novell sentinel_log_manager *
novell sentinel_log_manager 1.0.0.4
novell sentinel_log_manager 1.1.0.1
CVE-2012-6657 MEDIUM

The sock_setsockopt function in net/core/sock.c in the Linux kernel before 3.5.7 does not ensure that a keepalive action is associated with a stream socket, which allows local users to cause a denial of service (system crash) by leveraging the ability to create a raw socket.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 11.0
linux linux_kernel 3.5.5
linux linux_kernel 3.5.3
linux linux_kernel 3.5.1
linux linux_kernel 3.5.2
linux linux_kernel 3.5.4
linux linux_kernel *
novell suse_linux_enterprise_server 10.0
CVE-2013-0804 HIGH

The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,

Products Affected

Vendor Product Version
novell groupwise 8.0
novell groupwise 8.01
novell groupwise 8.02
novell groupwise 8.00
novell groupwise 8.03
novell groupwise 2012
CVE-2013-1079 MEDIUM

Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.3 through 11.2 allows remote attackers to execute arbitrary local DLL files via a crafted web page that also calls the Initialize method.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 10.3.3
novell zenworks_configuration_management 11
novell zenworks_configuration_management 11.1
novell zenworks_configuration_management 11.1a
novell zenworks_configuration_management 10.3
novell zenworks_configuration_management 10.3.2
novell zenworks_configuration_management 11.2
novell zenworks_configuration_management 10.3.1
CVE-2013-1080 HIGH

The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 before 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote attackers to conduct directory traversal attacks, and consequently upload and execute arbitrary programs, via a request to TCP port 443.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 10.3
novell zenworks_configuration_management 11.2
CVE-2013-1081 HIGH

Directory traversal vulnerability in MDM.php in Novell ZENworks Mobile Management (ZMM) 2.6.1 and 2.7.0 allows remote attackers to include and execute arbitrary local files via the language parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell zenworks_mobile_management 2.7.0
novell zenworks_mobile_management 2.6.1
CVE-2013-1082 HIGH

Directory traversal vulnerability in DUSAP.php in Novell ZENworks Mobile Management before 2.7.1 allows remote attackers to include and execute arbitrary local files via the language parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell zenworks_mobile_management *
novell zenworks_mobile_management 2.6.1
CVE-2013-1083 HIGH

Unspecified vulnerability in the login functionality in the Reporting Module in Novell Identity Manager (aka IDM) Roles Based Provisioning Module 4.0.2 before Field Patch C has unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell identity_manager_roles_based_provisioning_module 4.0.2
CVE-2013-1084 MEDIUM

Directory traversal vulnerability in the GetFle method in the umaninv service in Novell ZENworks Configuration Management (ZCM) 11.2.3 allows remote attackers to read arbitrary files via a .. (dot dot) in the Filename parameter in a GetFile action to zenworks-unmaninv/.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 11.2.3
CVE-2013-1085 HIGH

Stack-based buffer overflow in the nim: protocol handler in Novell GroupWise Messenger 2.04 and earlier, and Novell Messenger 2.1.x and 2.2.x before 2.2.2, allows remote attackers to execute arbitrary code via an import command containing a long string in the filename parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell groupwise_messenger *
novell groupwise_messenger 1.0.6
novell messenger *
novell messenger 2.2.0
novell groupwise_messenger 2.0
novell groupwise_messenger 2.0.2
CVE-2013-1086 MEDIUM

Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise before 8.0.3 HP3, and 2012 before SP2, allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError attribute.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 7.0.3
novell groupwise 7.01
novell groupwise 8.02
novell groupwise 2012
novell groupwise 8.01
novell groupwise 5.57e
novell groupwise 6.5.2
novell groupwise 6.5.3
novell groupwise 8.00
novell groupwise 6.5.4
novell groupwise 5.5
novell groupwise 6.5.6
novell groupwise 7.02
novell groupwise 6.5.7
novell groupwise 6.0
novell groupwise 6.0.1
novell groupwise 7.03
novell groupwise 8.0
novell groupwise 8.03
novell groupwise 7.0
novell groupwise 7.0.4
novell groupwise 5.2
novell groupwise 6.5
CVE-2013-1087 MEDIUM

Cross-site scripting (XSS) vulnerability in the client in Novell GroupWise through 8.0.3 HP3, and 2012 through SP2, on Windows allows user-assisted remote attackers to inject arbitrary web script or HTML via the body of an e-mail message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 7.0.3
novell groupwise 7.03
novell groupwise 8.0
novell groupwise 7.01
novell groupwise 8.02
novell groupwise 8.03
novell groupwise 2012
novell groupwise 7.0
novell groupwise 7.0.4
novell groupwise 8.01
novell groupwise 6.5.2
novell groupwise 6.5.3
novell groupwise 8.00
novell groupwise 6.5.4
novell groupwise 6.5.6
novell groupwise 7.02
novell groupwise 6.5
novell groupwise 6.5.7
CVE-2013-1088 MEDIUM

Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
novell imanager 2.7.5
novell imanager 2.7
novell imanager 2.7.3
novell imanager 2.7.4
novell imanager 2.7.2
novell imanager 2.7.1
novell imanager *
CVE-2013-1091 HIGH

Stack-based buffer overflow in Novell iPrint Client before 5.90 allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 4.26
novell iprint 5.74
novell iprint 5.82
novell iprint 4.27
novell iprint 5.12
novell iprint 5.68
novell iprint 5.56
novell iprint 5.64
novell iprint 4.30
novell iprint 5.78
novell iprint 5.30
novell iprint 5.40
novell iprint 5.72
novell iprint 5.60
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.20b
CVE-2013-1092 HIGH

Multiple unquoted Windows search path vulnerabilities in Novell ZENworks Desktop Management (ZDM) 7 through 7.1 might allow local users to gain privileges via a Trojan horse "program" file in the C: folder, related to an attempted launch of (1) ZenRem32.exe or (2) wm.exe.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell zenworks_desktop_management 7
novell zenworks_desktop_management 7.1
CVE-2013-1093 MEDIUM

Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the directToPage parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 11.2.2
novell zenworks_configuration_management 11.2.1
novell zenworks_configuration_management 11.2.3
novell zenworks_configuration_management 11.2
CVE-2013-1094 MEDIUM

Cross-site scripting (XSS) vulnerability in a ZCC page in zenworks-core in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via an invalid locale.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 11.2.2
novell zenworks_configuration_management 11.2.1
novell zenworks_configuration_management 11.2.3
novell zenworks_configuration_management 11.2
CVE-2013-1095 MEDIUM

Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onError event.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 11.2.2
novell zenworks_configuration_management 11.2.1
novell zenworks_configuration_management 11.2.3
novell zenworks_configuration_management 11.2
CVE-2013-1096 MEDIUM

Cross-site scripting (XSS) vulnerability in the Roles Based Provisioning Module 4.0.2 before Field Patch D for Novell Identity Manager (aka IDM) allows remote attackers to inject arbitrary web script or HTML via a taskDetail taskId.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell identity_manager_roles_based_provisioning_module 4.0.2
CVE-2013-1097 MEDIUM

Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onload event.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 11.2.2
novell zenworks_configuration_management 11.2.1
novell zenworks_configuration_management 11.2.3
novell zenworks_configuration_management 11.2
CVE-2013-1379 HIGH

Adobe Flash Player before 10.3.183.75 and 11.x before 11.7.700.169 on Windows and Mac OS X, before 10.3.183.75 and 11.x before 11.2.202.280 on Linux, before 11.1.111.50 on Android 2.x and 3.x, and before 11.1.115.54 on Android 4.x; Adobe AIR before 3.7.0.1530; and Adobe AIR SDK & Compiler before 3.7.0.1530 do not properly initialize pointer arrays, which allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
adobe flash_player 7.0.1
adobe flash_player 9.0.47.0
adobe flash_player 10.1.53.64
adobe flash_player 9.125.0
adobe flash_player 11.6.602.180
adobe flash_player 10.1.52.14.1
adobe flash_player 11.2.202.258
adobe flash_player 11.3.300.262
adobe flash_player 11.4.402.287
adobe flash_player 9.0.262.0
adobe flash_player 10.3.183.48
adobe flash_player 9.0.124.0
adobe flash_player 10.3.183.63
adobe flash_player 9.0.260.0
adobe flash_player 11.3.300.268
adobe flash_player 10.2.152
adobe flash_player 9.0.283.0
adobe flash_player 6.0.79
adobe flash_player 7.0.60.0
opensuse opensuse 12.2
adobe flash_player 11.2.202.233
adobe flash_player 10.3.183.29
adobe flash_player 10.0.32.18
adobe flash_player 11.2.202.243
adobe flash_player 11.2.202.228
adobe flash_player 11.1
adobe flash_player 10.3.183.51
adobe flash_player 10.0.12.10
adobe flash_player 10.3.183.61
adobe flash_player 7.1
adobe flash_player 11.1.102.62
adobe flash_player 7.0
adobe flash_player 10.1.92.8
adobe flash_player 8.0.33.0
adobe flash_player 10.1.102.64
adobe flash_player 11.1.111.8
adobe flash_player 9.0.115.0
adobe flash_player 10.3.183.50
adobe flash_player 10.3.183.67
adobe flash_player 10.3.183.7
adobe flash_player 11.2.202.251
adobe flash_player 11.0.1.152
adobe flash_player 11.1.102.59
adobe flash_player 8.0.22.0
adobe flash_player 10.0.0.584
adobe flash_player 9.0.48.0
adobe flash_player 10.2.152.32
opensuse opensuse 11.4
adobe flash_player 8.0.42.0
adobe flash_player 9.0.18d60
adobe flash_player 11.6.602.167
adobe flash_player 11.2.202.238
adobe flash_player 9.0.28.0
adobe flash_player 7.0.63
adobe flash_player 9.0.31.0
adobe flash_player 10.0.45.2
adobe flash_player 11.2.202.273
adobe flash_player 11.2.202.235
adobe flash_player 11.3.300.265
adobe flash_player 10.3.183.18
adobe flash_player 11.2.202.262
adobe flash_player 11.1.102.55
adobe flash_player 11.0.1.153
adobe flash_player 7.0.61.0
adobe flash_player 11.3.300.271
adobe flash_player 10.2.159.1
adobe flash_player 9.0.20
adobe adobe_air_sdk *
opensuse opensuse 12.1
adobe flash_player 10.0.12.36
adobe flash_player 11.6.602.168
adobe flash_player 7.0.19.0
adobe flash_player 11.5.502.110
adobe flash_player 9.0.114.0
adobe flash_player 9.0.159.0
adobe flash_player 10.2.157.51
adobe flash_player 11.4.402.278
adobe flash_player 7.1.1
adobe flash_player 10.3.181.22
adobe flash_player 11.0
adobe flash_player 11.2.202.261
adobe flash_player 8.0.39.0
adobe flash_player 10.3.183.15
adobe flash_player 9.0.45.0
adobe flash_player 8.0.34.0
adobe flash_player 10.2.152.26
adobe flash_player 10.0.42.34
adobe flash_player 11.3.300.273
adobe flash_player 11.1.102.63
adobe flash_player 7.2
adobe flash_player 11.2.202.236
adobe flash_player 8.0.24.0
adobe flash_player 9.0.9.0
adobe flash_player 9.0.155.0
adobe flash_player 7.0.53.0
adobe flash_player 10.0.22.87
adobe flash_player 7.0.70.0
adobe flash_player *
adobe flash_player 11.5.502.149
adobe flash_player 6.0.21.0
adobe flash_player 10.1.106.16
adobe flash_player 11.1.115.34
adobe flash_player 10.3.183.11
adobe flash_player 7.0.73.0
adobe flash_player 9.0.28
adobe flash_player 10.3.183.25
adobe flash_player 11.6.602.171
adobe flash_player 10.3.183.43
adobe flash_player 11.5.502.135
adobe flash_player 11.3.300.270
adobe flash_player 9.0
adobe flash_player 10.2.154.13
opensuse opensuse 12.3
adobe flash_player 10.2.156.12
adobe flash_player 7.0.14.0
adobe flash_player 10.3.183.10
adobe flash_player 11.5.502.146
adobe flash_player 10.3.183.16
adobe flash_player 10.3.183.20
adobe flash_player 10.3.183.19
adobe flash_player 7.0.67.0
adobe flash_player 9.0.151.0
adobe flash_player 8.0.35.0
adobe adobe_air 3.6.0.597
adobe flash_player 7.0.69.0
adobe flash_player 11.5.502.136
adobe flash_player 10.3.181.16
adobe flash_player 9.0.246.0
adobe flash_player 10.2.153.1
adobe flash_player 10.3.181.26
adobe flash_player 9.0.277.0
adobe flash_player 10.0.2.54
adobe flash_player 11.2.202.275
adobe flash_player 9.0.152.0
adobe flash_player 9.0.112.0
adobe flash_player 9.0.125.0
adobe flash_player 10.1.82.76
adobe flash_player 9.0.16
adobe flash_player 11.2.202.270
adobe flash_player 9.0.31
adobe flash_player 10.3.181.14
adobe flash_player 11.4.402.265
adobe flash_player 9.0.280
adobe flash_player 10.1.52.14
adobe flash_player 10.3.181.23
novell suse_linux_enterprise_desktop 11.0
adobe flash_player 7.0.68.0
adobe flash_player 10.1
adobe adobe_air_sdk 3.6.0.599
adobe flash_player 11.1.115.7
adobe adobe_air *
adobe flash_player 10.0.15.3
adobe flash_player 9.0.20.0
adobe flash_player 10.1.92.10
adobe flash_player 7.0.66.0
adobe flash_player 10.1.95.2
adobe flash_player 10.1.52.15
adobe flash_player 10.3.183.23
adobe flash_player 11.2.202.223
adobe flash_player 10.2.152.33
adobe flash_player 10.3.181.34
adobe flash_player 10.1.105.6
adobe flash_player 8.0
adobe flash_player 9.0.8.0
adobe flash_player 10.2.154.25
adobe flash_player 7.0.24.0
adobe flash_player 7.0.25
adobe flash_player 10.1.106.17
adobe flash_player 10.3.183.5
adobe flash_player 10.1.85.3
adobe flash_player 11.3.300.257
adobe flash_player 10.1.95.1
CVE-2013-2016 MEDIUM

A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-269,

Products Affected

Vendor Product Version
qemu qemu 1.5.0
qemu qemu *
debian debian_linux 8.0
debian debian_linux 10.0
novell open_enterprise_server 11.0
novell open_desktop_server 11.0
debian debian_linux 9.0
CVE-2013-2770 MEDIUM

The installation functionality in the Novell Kanaka component before 2.8 for Novell Open Enterprise Server (OES) on Mac OS X does not verify the server's X.509 certificate during an SSL session, which allows man-in-the-middle attackers to spoof servers via an arbitrary certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
novell kanaka 2.7
novell kanaka *
CVE-2013-3268 HIGH

Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
novell imanager 2.7.5
novell imanager 2.7
novell imanager 2.7.3
novell imanager 2.7.4
novell imanager 2.7.2
novell imanager 2.7.0
novell imanager 2.7.1
novell imanager *
CVE-2013-3567 HIGH

Puppet 2.7.x before 2.7.22 and 3.2.x before 3.2.2, and Puppet Enterprise before 2.8.2, deserializes untrusted YAML, which allows remote attackers to instantiate arbitrary Ruby classes and execute arbitrary code via a crafted REST API call.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
puppetlabs puppet 1.2.0
puppetlabs puppet 2.5.0
puppetlabs puppet 2.7.1
puppet puppet 2.7.18
puppet puppet_enterprise 2.5.2
puppet puppet_enterprise 1.1
puppet puppet_enterprise 1.2.0
puppetlabs puppet 2.7.20
puppetlabs puppet 1.1.0
canonical ubuntu_linux 13.04
puppet puppet 2.7.21
puppet puppet_enterprise 1.0
puppet puppet 2.7.11
puppet puppet_enterprise 2.5.1
puppet puppet 3.2.1
puppetlabs puppet 1.0.0
puppetlabs puppet 3.2.0
novell suse_linux_enterprise_desktop 11.0
novell suse_linux_enterprise_server 11.0
puppet puppet_enterprise 2.8.0
puppet puppet 2.7.2
puppet puppet 2.7.10
puppet puppet_enterprise *
puppet puppet_enterprise 2.0.0
puppetlabs puppet 2.7.0
novell suse_linux_enterprise_desktop 11
puppetlabs puppet 2.7.19
canonical ubuntu_linux 12.04
puppet puppet 2.7.12
puppet puppet 2.7.16
puppet puppet 2.7.14
puppetlabs puppet 2.7.2
puppet puppet 2.7.17
puppet puppet 2.7.13
puppetlabs puppet 2.6.0
CVE-2013-3697 HIGH

Integer overflow in the NWFS.SYS kernel driver 4.91.5.8 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003 and the NCPL.SYS kernel driver in Novell Client 2 SP2 on Windows Vista and Windows Server 2008 and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 might allow local users to gain privileges via a crafted 0x1439EB IOCTL call.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
novell client 4.91
novell client 2.0
CVE-2013-3704 MEDIUM

The RPM GPG key import and handling feature in libzypp 12.15.0 and earlier reports a different key fingerprint than the one used to sign a repository when multiple key blobs are used, which might allow remote attackers to trick users into believing that the repository was signed by a more-trustworthy key.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
novell libzypp 11.3
novell libzypp 12.1
novell libzypp *
novell libzypp 11.4
novell libzypp 11.2
novell libzypp 12.3
novell libzypp 12.2
CVE-2013-3705 MEDIUM

The VBA32 AntiRootKit component for Novell Client 2 SP3 before IR5 on Windows allows local users to cause a denial of service (bugcheck and BSOD) via an IOCTL call for an invalid IOCTL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
novell client *
CVE-2013-3706 MEDIUM

Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update pathname, aka ZDI-CAN-1595.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 11.2
CVE-2013-3707 MEDIUM

The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise Server 2 (OES 2) Linux, and OES 11 Linux Gold and SP1, does not make the intended SSL_free and SSL_shutdown calls for the close of a TCP connection, which allows remote attackers to cause a denial of service (service crash) by establishing many TCP connections to port 8009.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
novell open_enterprise_server 11.0
CVE-2013-3708 MEDIUM

The id1.GetPrinterURLList function in Novell iPrint Client before 5.93 allows remote attackers to cause a denial of service via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell iprint 5.32
novell iprint 4.34
novell iprint 4.38
novell iprint 5.52
novell iprint 5.86
novell iprint 4.26
novell iprint 5.74
novell iprint 5.82
novell iprint 4.27
novell iprint 5.12
novell iprint 5.68
novell iprint 5.56
novell iprint 5.64
novell iprint 4.30
novell iprint 5.78
novell iprint 5.30
novell iprint 5.40
novell iprint 5.72
novell iprint 5.60
novell iprint 4.28
novell iprint 5.44
novell iprint 5.50
novell iprint 5.42
novell iprint *
novell iprint 4.32
novell iprint 4.36
novell iprint 5.04
novell iprint 5.20b
CVE-2013-3709 HIGH

WebYaST 1.3 uses weak permissions for config/initializers/secret_token.rb, which allows local users to gain privileges by reading the Rails secret token from this file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
suse studio_onsite 1.3
novell suse_lifecycle_management_server 1.3
suse webyast 1.3
CVE-2013-3710 MEDIUM

SUSE Lifecycle Management Server (SLMS) before 1.3.7 does not generate a new secret key when the service starts, which allows remote attackers to defeat intended cryptographic protection mechanisms by leveraging knowledge of this key from a product installation elsewhere.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
novell suse_lifecycle_management_server 1.2
novell suse_lifecycle_management_server 1.0
novell suse_lifecycle_management_server 1.1
novell suse_lifecycle_management_server *
CVE-2013-3956 HIGH

The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges via a crafted 0x143B6B IOCTL call.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell client 4.91
novell client 2.0
CVE-2013-4357 MEDIUM

The eglibc package before 2.14 incorrectly handled the getaddrinfo() function. An attacker could use this issue to cause a denial of service.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-120,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
debian debian_linux 7.0
eglibc eglibc *
novell suse_linux_enterprise_server 11.0
debian debian_linux 6.0
fedoraproject fedora 18
canonical ubuntu_linux 10.04
canonical ubuntu_linux 14.04
fedoraproject fedora 19
CVE-2013-4419 MEDIUM

The guestfish command in libguestfs 1.20.12, 1.22.7, and earlier, when using the --remote or --listen option, does not properly check the ownership of /tmp/.guestfish-$UID/ when creating a temporary socket file in this directory, which allows local users to write to the socket and execute arbitrary commands by creating /tmp/.guestfish-$UID/ in advance.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 11.0
libguestfs libguestfs *
suse suse_linux_enterprise_software_development_kit 11.0
CVE-2013-4589 MEDIUM

The ExportAlphaQuantumType function in export.c in GraphicsMagick before 1.3.18 might allow remote attackers to cause a denial of service (crash) via vectors related to exporting the alpha of an 8-bit RGBA image.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
graphicsmagick graphicsmagick 1.2.2
graphicsmagick graphicsmagick 1.2.5
graphicsmagick graphicsmagick 1.0.6
graphicsmagick graphicsmagick 1.2.1
novell suse_linux_enterprise_debuginfo 11
graphicsmagick graphicsmagick 1.0.5
graphicsmagick graphicsmagick 1.2.3
graphicsmagick graphicsmagick 1.0.1
graphicsmagick graphicsmagick 1.1.12
graphicsmagick graphicsmagick *
graphicsmagick graphicsmagick 1.1.11
graphicsmagick graphicsmagick 1.2.6
graphicsmagick graphicsmagick 1.3.10
graphicsmagick graphicsmagick 1.1.3
graphicsmagick graphicsmagick 1.1.14
graphicsmagick graphicsmagick 1.1.5
graphicsmagick graphicsmagick 1.1.4
graphicsmagick graphicsmagick 1.1.7
graphicsmagick graphicsmagick 1.2.4
graphicsmagick graphicsmagick 1.1
graphicsmagick graphicsmagick 1.0.3
graphicsmagick graphicsmagick 1.1.2
graphicsmagick graphicsmagick 1.3.12
graphicsmagick graphicsmagick 1.2.18
novell suse_studio_onsite 1.3
fedoraproject fedora 18
graphicsmagick graphicsmagick 1.0.2
graphicsmagick graphicsmagick 1.1.1
graphicsmagick graphicsmagick 1.3.16
graphicsmagick graphicsmagick 1.3.14
graphicsmagick graphicsmagick 1.0.4
graphicsmagick graphicsmagick 1.0
graphicsmagick graphicsmagick 1.1.6
graphicsmagick graphicsmagick 1.3.9
graphicsmagick graphicsmagick 1.1.9
graphicsmagick graphicsmagick 1.1.10
graphicsmagick graphicsmagick 1.3.8
graphicsmagick graphicsmagick 1.3.15
novell suse_linux_enterprise_software_development_kit 11.0
graphicsmagick graphicsmagick 1.2.7
graphicsmagick graphicsmagick 1.3.11
graphicsmagick graphicsmagick 1.1.8
graphicsmagick graphicsmagick 1.1.13
graphicsmagick graphicsmagick 1.3.13
CVE-2013-4854 HIGH

The RFC 5011 implementation in rdata.c in ISC BIND 9.7.x and 9.8.x before 9.8.5-P2, 9.8.6b1, 9.9.x before 9.9.3-P2, and 9.9.4b1, and DNSco BIND 9.9.3-S1 before 9.9.3-S1-P1 and 9.9.4-S1b1, allows remote attackers to cause a denial of service (assertion failure and named daemon exit) via a query with a malformed RDATA section that is not properly handled during construction of a log message, as exploited in the wild in July 2013.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
isc bind 9.9.3
freebsd freebsd 9.2
isc bind 9.8.4
slackware slackware_linux 13.1
isc bind 9.7.0
isc bind 9.8.6
isc bind 9.8.0
opensuse opensuse 11.4
mandriva business_server 1.0
suse suse_linux_enterprise_software_development_kit 11.0
mandriva enterprise_server 5.0
isc bind 9.8.2
isc bind 9.9.2
isc bind 9.7.3
isc bind 9.7.1
freebsd freebsd 8.0
isc bind 9.9.0
isc bind 9.9.1
freebsd freebsd 9.1
isc bind 9.7.7
isc bind 9.7.5
isc bind 9.8.5
isc bind 9.8.3
redhat enterprise_linux 5
isc bind 9.7.2
slackware slackware_linux 12.2
isc bind 9.7.4
fedoraproject fedora 18
slackware slackware_linux 13.37
isc bind 9.7.6
hp hp-ux b.11.31
freebsd freebsd 8.1
isc bind 9.8.1
freebsd freebsd 8.3
freebsd freebsd 8.4
slackware slackware_linux 13.0
freebsd freebsd 8.2
isc dnsco_bind 9.9.4
redhat enterprise_linux 6.0
freebsd freebsd 9.0
isc dnsco_bind 9.9.3
slackware slackware_linux 12.1
fedoraproject fedora 19
novell suse_linux 11
CVE-2013-6344 MEDIUM

The ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows attackers to conduct cross-frame scripting attacks via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 10.2
novell zenworks_configuration_management 10.3.3
novell zenworks_configuration_management 11
novell zenworks_configuration_management 10.3
novell zenworks_configuration_management 10.3.2
novell zenworks_configuration_management 11.2
novell zenworks_configuration_management 10.3.1
novell zenworks_configuration_management *
CVE-2013-6345 HIGH

Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 10.2
novell zenworks_configuration_management 10.3.3
novell zenworks_configuration_management 11
novell zenworks_configuration_management 10.3
novell zenworks_configuration_management 10.3.2
novell zenworks_configuration_management 11.2
novell zenworks_configuration_management 10.3.1
novell zenworks_configuration_management *
CVE-2013-6346 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 10.2
novell zenworks_configuration_management 10.3.3
novell zenworks_configuration_management 11
novell zenworks_configuration_management 10.3
novell zenworks_configuration_management 10.3.2
novell zenworks_configuration_management 11.2
novell zenworks_configuration_management 10.3.1
novell zenworks_configuration_management *
CVE-2013-6347 MEDIUM

Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 10.2
novell zenworks_configuration_management 10.3.3
novell zenworks_configuration_management 11
novell zenworks_configuration_management 10.3
novell zenworks_configuration_management 10.3.2
novell zenworks_configuration_management 11.2
novell zenworks_configuration_management 10.3.1
novell zenworks_configuration_management *
CVE-2013-7042 MEDIUM

SUSE Lifecycle Management Server (SLMS) before 1.3.7 uses world-readable permissions for the secret keys, which allows local users to gain privileges via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell suse_lifecycle_management_server 1.2
novell suse_lifecycle_management_server 1.0
novell suse_lifecycle_management_server 1.1
novell suse_lifecycle_management_server *
CVE-2014-0592 HIGH

Barclamp (aka barclamp-network) 1.7 for the Crowbar Framework, as used in SUSE Cloud 3, does not enable netfilter on bridges when creating new instances, which allows remote attackers to bypass security group restrictions via unspecified vectors, related to floating IPs.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
crowbar barclamp 1.7
novell suse_cloud 3.0
CVE-2014-0595 LOW

/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permission in opportunistic circumstances by leveraging the granting of the F permission by an administrator.

CVSS 2.0

Severity: LOW

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell open_enterprise_server 11.0
CVE-2014-0598 HIGH

Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell open_enterprise_server 11.0
CVE-2014-0599 MEDIUM

Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell open_enterprise_server 11.0
CVE-2014-0600 HIGH

FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell groupwise 2014
CVE-2014-0609 HIGH

Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before Scheduled Maintenance Update 9413 for Linux has unknown impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell open_enterprise_server 11.0
CVE-2014-0610 HIGH

The client in Novell GroupWise before 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 8.0
novell groupwise 8.01
novell groupwise 8.02
novell groupwise 8.00
novell groupwise 8.03
novell groupwise 2012
novell groupwise 2014
CVE-2014-0611 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell groupwise *
CVE-2014-1505 MEDIUM

The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.10
canonical ubuntu_linux 13.10
debian debian_linux 8.0
opensuse opensuse 11.4
redhat enterprise_linux_server 6.0
debian debian_linux 7.0
redhat enterprise_linux_workstation 5.0
mozilla firefox_esr *
redhat enterprise_linux_server_aus 6.5
mozilla seamonkey *
redhat enterprise_linux_workstation 6.0
suse suse_linux_enterprise_server 11
mozilla thunderbird *
opensuse opensuse 12.3
redhat enterprise_linux_server_tus 6.5
mozilla firefox *
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 12.04
opensuse opensuse 13.1
suse suse_linux_enterprise_desktop 11
novell suse_linux_enterprise_software_development_kit 11.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_eus 6.5
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 5.0
CVE-2014-3566 MEDIUM

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.4 LOW CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N 1.6 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
debian debian_linux 8.0
netbsd netbsd 6.1.4
openssl openssl 1.0.0l
redhat enterprise_linux_server_supplementary 7.0
openssl openssl 0.9.8i
openssl openssl 0.9.8t
openssl openssl 1.0.1f
openssl openssl 0.9.8b
novell suse_linux_enterprise_desktop 12.0
openssl openssl 0.9.8r
openssl openssl 1.0.1g
openssl openssl 1.0.0n
ibm vios 2.2.0.13
netbsd netbsd 5.2
openssl openssl 0.9.8l
oracle database 11.2.0.4
netbsd netbsd 5.1.4
netbsd netbsd 6.1
openssl openssl 0.9.8za
netbsd netbsd 5.1.2
ibm vios 2.2.1.0
redhat enterprise_linux_desktop 6.0
ibm aix 7.1
openssl openssl 1.0.0e
redhat enterprise_linux_desktop 7.0
ibm vios 2.2.1.9
novell suse_linux_enterprise_software_development_kit 11.0
ibm vios 2.2.3.3
redhat enterprise_linux_desktop_supplementary 5.0
ibm vios 2.2.1.5
ibm vios 2.2.2.1
openssl openssl 0.9.8k
novell suse_linux_enterprise_software_development_kit 12.0
openssl openssl 0.9.8z
openssl openssl 0.9.8j
ibm vios 2.2.2.0
openssl openssl 1.0.0f
redhat enterprise_linux_server_supplementary 5.0
ibm vios 2.2.3.1
openssl openssl 0.9.8g
openssl openssl 1.0.1i
openssl openssl 0.9.8h
ibm vios 2.2.1.8
ibm vios 2.2.1.6
ibm vios 2.2.3.4
openssl openssl 0.9.8d
openssl openssl 1.0.1c
openssl openssl 0.9.8e
netbsd netbsd 6.1.5
openssl openssl 1.0.0g
openssl openssl 0.9.8x
ibm vios 2.2.0.12
redhat enterprise_linux_workstation 6.0
openssl openssl 1.0.0d
openssl openssl 1.0.1h
novell suse_linux_enterprise_server 12.0
openssl openssl 0.9.8zb
netbsd netbsd 5.1.1
openssl openssl 0.9.8q
openssl openssl 1.0.1
openssl openssl 1.0.1d
redhat enterprise_linux_workstation_supplementary 6.0
ibm vios 2.2.1.3
ibm vios 2.2.3.2
ibm aix 5.3
netbsd netbsd 6.0.3
netbsd netbsd 6.1.1
openssl openssl 1.0.1e
openssl openssl 0.9.8c
ibm vios 2.2.0.10
openssl openssl 1.0.0k
redhat enterprise_linux_server_supplementary 6.0
openssl openssl 0.9.8m
openssl openssl 0.9.8p
openssl openssl 0.9.8s
openssl openssl 0.9.8y
netbsd netbsd 6.1.3
openssl openssl 0.9.8f
ibm vios 2.2.0.11
ibm aix 6.1
ibm vios 2.2.2.4
opensuse opensuse 12.3
ibm vios 2.2.2.5
netbsd netbsd 6.1.2
openssl openssl 1.0.0h
openssl openssl 1.0.1b
opensuse opensuse 13.1
ibm vios 2.2.1.7
openssl openssl 0.9.8a
openssl openssl 1.0.0m
netbsd netbsd 5.2.2
openssl openssl 1.0.0c
fedoraproject fedora 20
openssl openssl 0.9.8u
redhat enterprise_linux_desktop_supplementary 6.0
openssl openssl 1.0.0i
netbsd netbsd 6.0.6
openssl openssl 1.0.1a
ibm vios 2.2.1.1
openssl openssl 0.9.8n
netbsd netbsd 6.0.5
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 6.0
debian debian_linux 7.0
apple mac_os_x *
openssl openssl 0.9.8v
netbsd netbsd 5.2.1
netbsd netbsd 6.0.4
openssl openssl 0.9.8
novell suse_linux_enterprise_desktop 9.0
openssl openssl 0.9.8o
novell suse_linux_enterprise_desktop 11.0
ibm vios 2.2.3.0
redhat enterprise_linux 5
novell suse_linux_enterprise_server 11.0
openssl openssl 0.9.8w
netbsd netbsd 5.1
redhat enterprise_linux_workstation_supplementary 7.0
novell suse_linux_enterprise_desktop 10.0
openssl openssl 1.0.0
fedoraproject fedora 21
openssl openssl 1.0.0b
ibm vios 2.2.2.3
ibm vios 2.2.1.4
openssl openssl 1.0.0a
ibm vios 2.2.2.2
openssl openssl 1.0.0j
oracle database 12.1.0.2
mageia mageia 3.0
netbsd netbsd 6.0.2
redhat enterprise_linux_server 7.0
mageia mageia 4.0
netbsd netbsd 6.0
netbsd netbsd 6.0.1
netbsd netbsd 5.1.3
fedoraproject fedora 19
CVE-2014-3687 HIGH

The sctp_assoc_lookup_asconf_ack function in net/sctp/associola.c in the SCTP implementation in the Linux kernel through 3.17.2 allows remote attackers to cause a denial of service (panic) via duplicate ASCONF chunks that trigger an incorrect uncork within the side-effect interpreter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: HIGH

Problem Type: CWE-400,

Products Affected

Vendor Product Version
oracle linux 5
novell suse_linux_enterprise_server 12.0
suse linux_enterprise_real_time_extension 11
suse suse_linux_enterprise_server 11
redhat enterprise_mrg 2.0
oracle linux 6
opensuse evergreen 11.4
novell suse_linux_enterprise_desktop 12.0
suse linux_enterprise_workstation_extension 12
canonical ubuntu_linux 12.04
debian debian_linux 7.0
suse linux_enterprise_software_development_kit 12
oracle linux 7
linux linux_kernel *
CVE-2014-3690 MEDIUM

arch/x86/kvm/vmx.c in the KVM subsystem in the Linux kernel before 3.17.2 on Intel processors does not ensure that the value in the CR4 control register remains the same after a VM entry, which allows host OS users to kill arbitrary processes or cause a denial of service (system disruption) by leveraging /dev/kvm access, as demonstrated by PR_SET_TSC prctl calls within a modified copy of QEMU.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 12.0
suse linux_enterprise_real_time_extension 11
novell suse_linux_enterprise_server 11
opensuse evergreen 11.4
canonical ubuntu_linux 14.10
novell suse_linux_enterprise_desktop 12.0
suse linux_enterprise_workstation_extension 12
canonical ubuntu_linux 12.04
debian debian_linux 7.0
suse linux_enterprise_software_development_kit 12
linux linux_kernel *
canonical ubuntu_linux 14.04
redhat enterprise_linux 5.0
CVE-2014-5212 MEDIUM

Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell edirectory *
CVE-2014-5213 MEDIUM

nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell edirectory *
CVE-2014-6271 HIGH

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,CWE-78,

Products Affected

Vendor Product Version
ibm qradar_vulnerability_manager 7.2.2
ibm security_access_manager_for_web_7.0_firmware 7.0.0.2
f5 traffix_signaling_delivery_controller 3.5.1
oracle linux 4
ibm storwize_v3500_firmware *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.7
redhat enterprise_linux_for_ibm_z_systems 7.6_s390x
ibm qradar_vulnerability_manager 7.2.6
ibm smartcloud_entry_appliance 2.3.0
f5 big-ip_access_policy_manager *
redhat gluster_storage_server_for_on-premise 2.1
redhat enterprise_linux_for_scientific_computing 7.0
ibm qradar_security_information_and_event_manager 7.1.1
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.5
f5 big-ip_policy_enforcement_manager 11.6.0
suse linux_enterprise_server 10
f5 traffix_signaling_delivery_controller 3.4.1
redhat enterprise_linux_for_power_big_endian 5.0_ppc
ibm security_access_manager_for_web_7.0_firmware 7.0.0.5
f5 big-ip_protocol_security_module *
novell zenworks_configuration_management 10.3
arista eos *
f5 big-ip_advanced_firewall_manager 11.6.0
ibm qradar_security_information_and_event_manager 7.2.2
oracle linux 5
suse linux_enterprise_desktop 11
ibm infosphere_guardium_database_activity_monitoring 8.2
f5 arx_firmware *
redhat enterprise_linux_for_ibm_z_systems 7.4_s390x
redhat enterprise_linux_server_tus 6.5
redhat enterprise_linux_for_scientific_computing 6.0
ibm qradar_security_information_and_event_manager 7.1.2
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
redhat enterprise_linux 7.0
redhat enterprise_linux_for_power_big_endian 7.0_ppc64
redhat enterprise_linux_for_power_big_endian 6.4_ppc64
suse linux_enterprise_software_development_kit 12
opensuse opensuse 13.2
vmware esx 4.1
vmware vcenter_server_appliance 5.0
ibm workload_deployer *
novell zenworks_configuration_management 11.1
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_for_power_big_endian_eus 6.5_ppc64
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.2
f5 traffix_signaling_delivery_controller *
suse linux_enterprise_server 12
ibm qradar_security_information_and_event_manager 7.2
ibm starter_kit_for_cloud 2.2.0
ibm stn6500_firmware *
f5 big-ip_analytics *
checkpoint security_gateway *
ibm stn7800_firmware *
ibm security_access_manager_for_web_8.0_firmware 8.0.0.2
f5 big-ip_application_security_manager 11.6.0
canonical ubuntu_linux 10.04
ibm qradar_security_information_and_event_manager 7.2.8.15
redhat enterprise_linux_for_power_big_endian 5.9_ppc
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_policy_enforcement_manager *
novell open_enterprise_server 2.0
ibm smartcloud_entry_appliance 2.4.0
ibm smartcloud_entry_appliance 3.1.0
redhat enterprise_linux_workstation 5.0
f5 big-ip_edge_gateway *
f5 big-ip_application_acceleration_manager *
f5 big-ip_local_traffic_manager *
ibm security_access_manager_for_web_8.0_firmware 8.0.0.3
redhat enterprise_linux_server_aus 6.5
f5 big-ip_advanced_firewall_manager *
redhat enterprise_linux_eus 5.9
ibm qradar_security_information_and_event_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.0
redhat enterprise_linux 5.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 12
ibm pureapplication_system 2.0.0.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.1
redhat enterprise_linux_server_tus 7.7
ibm stn6800_firmware *
f5 big-ip_global_traffic_manager *
ibm qradar_security_information_and_event_manager 7.2.5
ibm smartcloud_entry_appliance 3.2.0
ibm smartcloud_provisioning 2.1.0
redhat enterprise_linux 4.0
ibm qradar_security_information_and_event_manager 7.1.0
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_desktop 5.0
qnap qts *
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
redhat enterprise_linux_server_from_rhui 6.0
redhat enterprise_linux_server_aus 5.6
suse linux_enterprise_server 11
ibm qradar_vulnerability_manager 7.2.3
redhat enterprise_linux_server_from_rhui 5.0
redhat enterprise_linux_for_ibm_z_systems 7.7_s390x
ibm infosphere_guardium_database_activity_monitoring 9.0
ibm qradar_vulnerability_manager 7.2.4
ibm software_defined_network_for_virtual_environments *
ibm qradar_risk_manager 7.1.0
ibm security_access_manager_for_web_8.0_firmware 8.0.0.5
redhat enterprise_linux_server_aus 6.2
f5 big-ip_webaccelerator *
f5 big-ip_application_security_manager *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.6
redhat enterprise_linux_eus 7.5
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.3
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64
f5 big-iq_cloud *
ibm flex_system_v7000_firmware *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.3
f5 big-ip_local_traffic_manager 11.6.0
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.7
opensuse opensuse 12.3
suse studio_onsite 1.3
oracle linux 6
redhat enterprise_linux_eus 7.6
ibm san_volume_controller_firmware *
f5 big-ip_analytics 11.6.0
redhat enterprise_linux_eus 7.3
opensuse opensuse 13.1
vmware vcenter_server_appliance 5.5
redhat enterprise_linux_server_from_rhui 7.0
redhat enterprise_linux_server_aus 7.6
qnap qts 4.1.1
vmware vcenter_server_appliance 5.1
gnu bash *
f5 big-iq_security *
redhat enterprise_linux_server_aus 7.4
ibm qradar_security_information_and_event_manager 7.2.8
redhat enterprise_linux_eus 6.5
ibm storwize_v7000_firmware *
redhat enterprise_linux_server 5.0
ibm infosphere_guardium_database_activity_monitoring 9.1
f5 big-ip_link_controller *
vmware esx 4.0
f5 big-ip_link_controller 11.6.0
novell zenworks_configuration_management 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_for_ibm_z_systems 7.3_s390x
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
ibm qradar_vulnerability_manager 7.2.1
redhat enterprise_linux_workstation 7.0
f5 big-ip_access_policy_manager 11.6.0
ibm storwize_v3700_firmware *
redhat enterprise_linux_server 6.0
f5 big-ip_wan_optimization_manager *
f5 big-ip_global_traffic_manager 11.6.0
redhat enterprise_linux_for_ibm_z_systems 5.9_s390x
ibm security_access_manager_for_web_7.0_firmware 7.0.0.8
debian debian_linux 7.0
apple mac_os_x *
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.8
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.1
f5 enterprise_manager *
redhat enterprise_linux_for_ibm_z_systems 6.5_s390x
ibm storwize_v5000_firmware *
ibm pureapplication_system *
ibm qradar_security_information_and_event_manager 7.2.1
ibm qradar_security_information_and_event_manager 7.2.4
redhat enterprise_linux_eus 6.4
ibm qradar_security_information_and_event_manager 7.2.9
f5 big-iq_device *
redhat virtualization 3.4
novell zenworks_configuration_management 11.3.0
citrix netscaler_sdx_firmware *
ibm qradar_security_information_and_event_manager 7.2.7
novell zenworks_configuration_management 11.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
f5 traffix_signaling_delivery_controller 3.3.2
mageia mageia 3.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.4
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_server 7.0
novell open_enterprise_server 11.0
ibm qradar_vulnerability_manager 7.2.0
redhat enterprise_linux_server_tus 7.3
mageia mageia 4.0
redhat enterprise_linux 6.0
redhat enterprise_linux_for_ibm_z_systems 7.5_s390x
canonical ubuntu_linux 14.04
f5 traffix_signaling_delivery_controller 4.1.0
redhat enterprise_linux_for_ibm_z_systems 6.4_s390x
CVE-2014-6601 HIGH

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jre 1.6.0
debian debian_linux 8.0
novell suse_linux_enterprise_server 12.0
canonical ubuntu_linux 10.04
oracle jdk 1.7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux 7.0
canonical ubuntu_linux 12.04
debian debian_linux 7.0
oracle jre 1.8.0
oracle jdk 1.8.0
opensuse opensuse 13.2
oracle jre 1.7.0
redhat enterprise_linux 6.0
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_desktop 11.0
oracle jdk 1.6.0
redhat enterprise_linux 5.0
CVE-2014-7169 HIGH

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-78,CWE-78,

Products Affected

Vendor Product Version
ibm qradar_vulnerability_manager 7.2.2
ibm security_access_manager_for_web_7.0_firmware 7.0.0.2
f5 traffix_signaling_delivery_controller 3.5.1
oracle linux 4
ibm storwize_v3500_firmware *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.7
redhat enterprise_linux_for_ibm_z_systems 7.6_s390x
ibm qradar_vulnerability_manager 7.2.6
ibm smartcloud_entry_appliance 2.3.0
f5 big-ip_access_policy_manager *
redhat gluster_storage_server_for_on-premise 2.1
redhat enterprise_linux_for_scientific_computing 7.0
ibm qradar_security_information_and_event_manager 7.1.1
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.5
f5 big-ip_policy_enforcement_manager 11.6.0
suse linux_enterprise_server 10
f5 traffix_signaling_delivery_controller 3.4.1
redhat enterprise_linux_for_power_big_endian 5.0_ppc
ibm security_access_manager_for_web_7.0_firmware 7.0.0.5
f5 big-ip_protocol_security_module *
novell zenworks_configuration_management 10.3
arista eos *
f5 big-ip_advanced_firewall_manager 11.6.0
ibm qradar_security_information_and_event_manager 7.2.2
oracle linux 5
suse linux_enterprise_desktop 11
ibm infosphere_guardium_database_activity_monitoring 8.2
f5 arx_firmware *
redhat enterprise_linux_for_ibm_z_systems 7.4_s390x
redhat enterprise_linux_server_tus 6.5
redhat enterprise_linux_for_scientific_computing 6.0
ibm qradar_security_information_and_event_manager 7.1.2
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.3_ppc64
redhat enterprise_linux 7.0
redhat enterprise_linux_for_power_big_endian 7.0_ppc64
redhat enterprise_linux_for_power_big_endian 6.4_ppc64
suse linux_enterprise_software_development_kit 12
opensuse opensuse 13.2
vmware esx 4.1
vmware vcenter_server_appliance 5.0
ibm workload_deployer *
novell zenworks_configuration_management 11.1
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_for_power_big_endian_eus 6.5_ppc64
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.2
f5 traffix_signaling_delivery_controller *
suse linux_enterprise_server 12
ibm qradar_security_information_and_event_manager 7.2
ibm starter_kit_for_cloud 2.2.0
ibm stn6500_firmware *
f5 big-ip_analytics *
checkpoint security_gateway *
ibm stn7800_firmware *
ibm security_access_manager_for_web_8.0_firmware 8.0.0.2
f5 big-ip_application_security_manager 11.6.0
canonical ubuntu_linux 10.04
ibm qradar_security_information_and_event_manager 7.2.8.15
redhat enterprise_linux_for_power_big_endian 5.9_ppc
f5 big-ip_application_acceleration_manager 11.6.0
f5 big-ip_policy_enforcement_manager *
novell open_enterprise_server 2.0
ibm smartcloud_entry_appliance 2.4.0
ibm smartcloud_entry_appliance 3.1.0
redhat enterprise_linux_workstation 5.0
f5 big-ip_edge_gateway *
f5 big-ip_application_acceleration_manager *
f5 big-ip_local_traffic_manager *
ibm security_access_manager_for_web_8.0_firmware 8.0.0.3
redhat enterprise_linux_server_aus 6.5
f5 big-ip_advanced_firewall_manager *
redhat enterprise_linux_eus 5.9
ibm qradar_security_information_and_event_manager 7.2.3
ibm qradar_security_information_and_event_manager 7.2.0
redhat enterprise_linux 5.0
suse linux_enterprise_software_development_kit 11
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 12
ibm pureapplication_system 2.0.0.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.1
redhat enterprise_linux_server_tus 7.7
ibm stn6800_firmware *
f5 big-ip_global_traffic_manager *
ibm qradar_security_information_and_event_manager 7.2.5
ibm smartcloud_entry_appliance 3.2.0
ibm smartcloud_provisioning 2.1.0
redhat enterprise_linux 4.0
ibm qradar_security_information_and_event_manager 7.1.0
redhat enterprise_linux_for_power_big_endian_eus 7.5_ppc64
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_desktop 5.0
qnap qts *
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
redhat enterprise_linux_server_from_rhui 6.0
redhat enterprise_linux_server_aus 5.6
suse linux_enterprise_server 11
ibm qradar_vulnerability_manager 7.2.3
redhat enterprise_linux_server_from_rhui 5.0
redhat enterprise_linux_for_ibm_z_systems 7.7_s390x
ibm infosphere_guardium_database_activity_monitoring 9.0
ibm qradar_vulnerability_manager 7.2.4
ibm software_defined_network_for_virtual_environments *
ibm qradar_risk_manager 7.1.0
ibm security_access_manager_for_web_8.0_firmware 8.0.0.5
redhat enterprise_linux_server_aus 6.2
f5 big-ip_webaccelerator *
f5 big-ip_application_security_manager *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.6
redhat enterprise_linux_eus 7.5
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.3
redhat enterprise_linux_server_aus 7.7
redhat enterprise_linux_for_power_big_endian_eus 7.7_ppc64
f5 big-iq_cloud *
ibm flex_system_v7000_firmware *
ibm security_access_manager_for_web_7.0_firmware 7.0.0.3
f5 big-ip_local_traffic_manager 11.6.0
redhat enterprise_linux_eus 7.4
redhat enterprise_linux_eus 7.7
opensuse opensuse 12.3
suse studio_onsite 1.3
oracle linux 6
redhat enterprise_linux_eus 7.6
ibm san_volume_controller_firmware *
f5 big-ip_analytics 11.6.0
redhat enterprise_linux_eus 7.3
opensuse opensuse 13.1
vmware vcenter_server_appliance 5.5
redhat enterprise_linux_server_from_rhui 7.0
redhat enterprise_linux_server_aus 7.6
qnap qts 4.1.1
vmware vcenter_server_appliance 5.1
gnu bash *
f5 big-iq_security *
redhat enterprise_linux_server_aus 7.4
ibm qradar_security_information_and_event_manager 7.2.8
redhat enterprise_linux_eus 6.5
ibm storwize_v7000_firmware *
redhat enterprise_linux_server 5.0
ibm infosphere_guardium_database_activity_monitoring 9.1
f5 big-ip_link_controller *
vmware esx 4.0
f5 big-ip_link_controller 11.6.0
novell zenworks_configuration_management 11
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_for_ibm_z_systems 7.3_s390x
redhat enterprise_linux_for_power_big_endian_eus 7.4_ppc64
ibm qradar_vulnerability_manager 7.2.1
redhat enterprise_linux_workstation 7.0
f5 big-ip_access_policy_manager 11.6.0
ibm storwize_v3700_firmware *
redhat enterprise_linux_server 6.0
f5 big-ip_wan_optimization_manager *
f5 big-ip_global_traffic_manager 11.6.0
redhat enterprise_linux_for_ibm_z_systems 5.9_s390x
ibm security_access_manager_for_web_7.0_firmware 7.0.0.8
debian debian_linux 7.0
apple mac_os_x *
ibm qradar_security_information_and_event_manager 7.2.6
ibm qradar_vulnerability_manager 7.2.8
ibm security_access_manager_for_mobile_8.0_firmware 8.0.0.1
f5 enterprise_manager *
redhat enterprise_linux_for_ibm_z_systems 6.5_s390x
ibm storwize_v5000_firmware *
ibm pureapplication_system *
ibm qradar_security_information_and_event_manager 7.2.1
ibm qradar_security_information_and_event_manager 7.2.4
redhat enterprise_linux_eus 6.4
ibm qradar_security_information_and_event_manager 7.2.9
f5 big-iq_device *
redhat virtualization 3.4
novell zenworks_configuration_management 11.3.0
citrix netscaler_sdx_firmware *
ibm qradar_security_information_and_event_manager 7.2.7
novell zenworks_configuration_management 11.2
canonical ubuntu_linux 12.04
redhat enterprise_linux_for_power_big_endian 6.0_ppc64
f5 traffix_signaling_delivery_controller 3.3.2
mageia mageia 3.0
ibm security_access_manager_for_web_7.0_firmware 7.0.0.4
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_server 7.0
novell open_enterprise_server 11.0
ibm qradar_vulnerability_manager 7.2.0
redhat enterprise_linux_server_tus 7.3
mageia mageia 4.0
redhat enterprise_linux 6.0
redhat enterprise_linux_for_ibm_z_systems 7.5_s390x
canonical ubuntu_linux 14.04
f5 traffix_signaling_delivery_controller 4.1.0
redhat enterprise_linux_for_ibm_z_systems 6.4_s390x
CVE-2014-7970 MEDIUM

The pivot_root implementation in fs/namespace.c in the Linux kernel through 3.17 does not properly interact with certain locations of a chroot directory, which allows local users to cause a denial of service (mount-tree loop) via . (dot) values in both arguments to the pivot_root system call.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_server 11.0
linux linux_kernel *
canonical ubuntu_linux 14.04
CVE-2014-8559 MEDIUM

The d_walk function in fs/dcache.c in the Linux kernel through 3.17.2 does not properly maintain the semantics of rename_lock, which allows local users to cause a denial of service (deadlock and system hang) via a crafted application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-400,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 12.0
suse linux_enterprise_real_time_extension 11
suse suse_linux_enterprise_server 11
opensuse evergreen 11.4
canonical ubuntu_linux 14.10
novell suse_linux_enterprise_desktop 12.0
suse linux_enterprise_workstation_extension 12
canonical ubuntu_linux 12.04
opensuse opensuse 13.1
suse linux_enterprise_software_development_kit 12
oracle linux 7
linux linux_kernel *
canonical ubuntu_linux 14.04
CVE-2014-9853 MEDIUM

Memory leak in coders/rle.c in ImageMagick allows remote attackers to cause a denial of service (memory consumption) via a crafted rle file.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.5 MEDIUM CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H 1.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
suse linux_enterprise_desktop 12
suse linux_enterprise_debuginfo 11
suse linux_enterprise_server 11
imagemagick imagemagick *
opensuse leap 42.1
canonical ubuntu_linux 16.04
suse linux_enterprise_workstation_extension 12
canonical ubuntu_linux 12.04
suse linux_enterprise_software_development_kit 12
opensuse opensuse 13.2
canonical ubuntu_linux 16.10
suse linux_enterprise_server 12
opensuse_project suse_linux_enterprise_software_development_kit 11.0
canonical ubuntu_linux 14.04
novell leap 42.2
CVE-2014-9904 HIGH

The snd_compress_check_input function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.17 does not properly check for an integer overflow, which allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted SNDRV_COMPRESS_SET_PARAMS ioctl call.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
debian debian_linux 8.0
linux linux_kernel *
novell suse_linux_enterprise_real_time_extension 12
CVE-2015-0240 HIGH

The Netlogon server implementation in smbd in Samba 3.5.x and 3.6.x before 3.6.25, 4.0.x before 4.0.25, 4.1.x before 4.1.17, and 4.2.x before 4.2.0rc5 performs a free operation on an uninitialized stack pointer, which allows remote attackers to execute arbitrary code via crafted Netlogon packets that use the ServerPasswordSet RPC API, as demonstrated by packets reaching the _netr_ServerPasswordSet function in rpc_server/netlogon/srv_netlog_nt.c.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
samba samba 4.0.12
samba samba 3.5.2
samba samba 4.0.11
samba samba 4.0.9
samba samba 3.5.11
samba samba 3.6.14
samba samba 4.0.14
samba samba 3.5.6
canonical ubuntu_linux 14.10
samba samba 3.6.11
samba samba 4.1.12
samba samba 4.1.15
samba samba 4.1.1
samba samba 4.1.11
samba samba 4.0.1
samba samba 3.5.20
samba samba 4.0.22
novell suse_linux_enterprise_server 12
samba samba 4.1.7
samba samba 4.1.9
samba samba 3.5.18
samba samba 4.0.4
samba samba 3.6.0
samba samba 4.0.24
samba samba 3.5.5
samba samba 3.6.22
samba samba 4.0.10
samba samba 3.6.24
samba samba 4.0.15
samba samba 3.5.22
samba samba 4.0.23
samba samba 4.1.0
samba samba 4.0.8
samba samba 3.5.12
redhat enterprise_linux 7.0
novell suse_linux_enterprise_desktop 12
samba samba 3.5.17
samba samba 3.6.2
samba samba 4.0.3
samba samba 4.0.5
samba samba 4.0.6
samba samba 3.5.9
samba samba 4.2.0
samba samba 4.0.0
samba samba 3.6.15
samba samba 4.0.13
samba samba 4.1.13
samba samba 4.0.18
samba samba 4.1.4
samba samba 4.1.5
samba samba 4.0.19
samba samba 3.6.10
samba samba 3.6.12
samba samba 3.6.19
samba samba 4.0.2
samba samba 3.5.13
samba samba 3.5.15
samba samba 4.1.14
samba samba 3.6.21
samba samba 4.0.7
samba samba 3.5.19
samba samba 3.5.8
novell suse_linux_enterprise_software_development_kit 12
samba samba 3.5.4
samba samba 4.1.6
samba samba 3.6.1
samba samba 3.5.0
samba samba 4.0.21
samba samba 3.6.13
samba samba 4.1.10
redhat enterprise_linux 5
samba samba 3.5.16
samba samba 3.6.23
samba samba 3.5.21
samba samba 4.1.16
samba samba 4.1.8
samba samba 4.0.17
canonical ubuntu_linux 12.04
samba samba 3.5.14
samba samba 4.0.20
samba samba 3.5.7
samba samba 4.1.2
samba samba 3.5.10
samba samba 3.6.16
samba samba 3.6.17
redhat enterprise_linux 6.0
samba samba 3.6.20
samba samba 4.0.16
canonical ubuntu_linux 14.04
samba samba 3.6.18
samba samba 3.5.1
samba samba 4.1.3
samba samba 3.5.3
CVE-2015-0383 MEDIUM

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows local users to affect integrity and availability via unknown vectors related to Hotspot.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
debian debian_linux 8.0
canonical ubuntu_linux 10.04
oracle jrockit r28.3.4
canonical ubuntu_linux 14.10
debian debian_linux 7.0
oracle jre 1.8.0
oracle jdk 1.5.0
oracle jre 1.5.0
novell suse_linux_enterprise_desktop 11.0
oracle jrockit r27.8.4
fedoraproject fedora 22
oracle jdk 1.6.0
redhat enterprise_linux 5
oracle jre 1.6.0
novell suse_linux_enterprise_server 12.0
oracle jdk 1.7.0
fedoraproject fedora 21
redhat enterprise_linux 7.0
canonical ubuntu_linux 12.04
oracle jdk 1.8.0
opensuse opensuse 13.2
oracle jre 1.7.0
fedoraproject fedora 20
redhat enterprise_linux 6.0
canonical ubuntu_linux 14.04
CVE-2015-0395 HIGH

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
redhat enterprise_linux 5
oracle jre 1.6.0
debian debian_linux 8.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
canonical ubuntu_linux 10.04
oracle jdk 1.7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux 7.0
canonical ubuntu_linux 12.04
debian debian_linux 7.0
oracle jre 1.8.0
oracle jdk 1.8.0
opensuse opensuse 13.2
oracle jre 1.7.0
oracle jdk 1.5.0
redhat enterprise_linux 6.0
canonical ubuntu_linux 14.04
oracle jre 1.5.0
oracle jdk 1.6.0
CVE-2015-0400 MEDIUM

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality via unknown vectors related to Libraries.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jre 1.6.0
novell suse_linux_enterprise_server 12.0
canonical ubuntu_linux 10.04
oracle jdk 1.7.0
canonical ubuntu_linux 14.10
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
oracle jre 1.8.0
oracle jdk 1.8.0
opensuse opensuse 13.2
oracle jre 1.7.0
canonical ubuntu_linux 14.04
oracle jdk 1.6.0
CVE-2015-0403 MEDIUM

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jre 1.8.0
oracle jre 1.6.0
oracle jdk 1.8.0
oracle jre 1.7.0
oracle jdk 1.7.0
novell suse_linux_enterprise_desktop 11.0
oracle jdk 1.6.0
CVE-2015-0405 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to XA.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_software_development_kit 11.0
novell suse_linux_enterprise_desktop 11.0
CVE-2015-0406 MEDIUM

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality and availability via unknown vectors related to Deployment.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jre 1.8.0
oracle jre 1.6.0
oracle jdk 1.8.0
oracle jre 1.7.0
oracle jdk 1.7.0
novell suse_linux_enterprise_desktop 11.0
oracle jdk 1.6.0
CVE-2015-0408 HIGH

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jre 1.6.0
debian debian_linux 8.0
novell suse_linux_enterprise_server 12.0
canonical ubuntu_linux 10.04
oracle jdk 1.7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux 7.0
canonical ubuntu_linux 12.04
debian debian_linux 7.0
oracle jre 1.8.0
oracle jdk 1.8.0
opensuse opensuse 13.2
oracle jre 1.7.0
oracle jdk 1.5.0
redhat enterprise_linux 6.0
canonical ubuntu_linux 14.04
oracle jre 1.5.0
novell suse_linux_enterprise_desktop 11.0
oracle jdk 1.6.0
redhat enterprise_linux 5.0
CVE-2015-0410 MEDIUM

Unspecified vulnerability in the Java SE, Java SE Embedded, JRockit component in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25; Java SE Embedded 7u71 and 8u6; and JRockit R27.8.4 and R28.3.4 allows remote attackers to affect availability via unknown vectors related to Security.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jre 1.6.0
debian debian_linux 8.0
novell suse_linux_enterprise_server 12.0
canonical ubuntu_linux 10.04
oracle jdk 1.7.0
oracle jrockit r28.3.4
canonical ubuntu_linux 14.10
redhat enterprise_linux 7.0
canonical ubuntu_linux 12.04
debian debian_linux 7.0
oracle jre 1.8.0
oracle jdk 1.8.0
opensuse opensuse 13.2
oracle jre 1.7.0
oracle jdk 1.5.0
redhat enterprise_linux 6.0
canonical ubuntu_linux 14.04
oracle jre 1.5.0
novell suse_linux_enterprise_desktop 11.0
oracle jrockit r27.8.4
oracle jdk 1.6.0
redhat enterprise_linux 5.0
CVE-2015-0412 HIGH

Unspecified vulnerability in Oracle Java SE 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAX-WS.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jre 1.6.0
debian debian_linux 8.0
novell suse_linux_enterprise_server 12.0
canonical ubuntu_linux 10.04
oracle jdk 1.7.0
canonical ubuntu_linux 14.10
redhat enterprise_linux 7.0
canonical ubuntu_linux 12.04
debian debian_linux 7.0
oracle jre 1.8.0
oracle jdk 1.8.0
opensuse opensuse 13.2
oracle jre 1.7.0
redhat enterprise_linux 6.0
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_desktop 11.0
oracle jdk 1.6.0
redhat enterprise_linux 5.0
CVE-2015-0421 MEDIUM

Unspecified vulnerability in Oracle Java SE 8u25 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to the installation process.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jre 1.8.0
oracle jdk 1.8.0
novell suse_linux_enterprise_desktop 11.0
CVE-2015-0423 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
novell suse_linux_enterprise_server 11.0
oracle communications_policy_management *
oracle communications_policy_management 12.1.1
oracle communications_policy_management 9.9.1
oracle communications_policy_management 10.4.1
novell suse_linux_enterprise_software_development_kit 11.0
novell suse_linux_enterprise_desktop 11.0
CVE-2015-0437 HIGH

Unspecified vulnerability in Oracle Java SE 8u25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Hotspot.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jre 1.8.0
oracle jdk 1.8.0
novell suse_linux_enterprise_desktop 11.0
CVE-2015-0438 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Partition.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_software_development_kit 11.0
novell suse_linux_enterprise_desktop 11.0
CVE-2015-0439 MEDIUM

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB, a different vulnerability than CVE-2015-4756.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
novell suse_linux_enterprise_server 11.0
suse suse_linux_enterprise_software_development_kit 11.0
suse suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_desktop 11
CVE-2015-0458 HIGH

Unspecified vulnerability in in Oracle Java SE 6u91, 7u76, and 8u40 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Deployment.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jre 1.8.0
oracle jre 1.6.0
oracle jdk 1.8.0
opensuse opensuse 13.2
oracle jre 1.7.0
oracle jdk 1.7.0
novell suse_linux_enterprise_desktop 11.0
oracle jdk 1.6.0
CVE-2015-0459 HIGH

Unspecified vulnerability in Oracle Java SE 5.0u81, 6u91, 7u76, and 8u40, and JavaFX 2.2.76, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D, a different vulnerability than CVE-2015-0491.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle jre 1.8.0
oracle jre 1.6.0
oracle jdk 1.8.0
opensuse opensuse 13.2
oracle jre 1.7.0
oracle jdk 1.5.0
oracle javafx 2.2.76
oracle jdk 1.7.0
oracle jre 1.5.0
novell suse_linux_enterprise_desktop 11.0
oracle jdk 1.6.0
CVE-2015-0779 HIGH

Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR filename in the filename parameter and WAR content in the POST data, a different vulnerability than CVE-2010-5323 and CVE-2010-5324.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 11
novell zenworks_configuration_management 11.2.2
novell zenworks_configuration_management 11.2.1
novell zenworks_configuration_management 11.2.3
novell zenworks_configuration_management 11.2
CVE-2015-0780 HIGH

SQL injection vulnerability in the GetReRequestData method of the GetStoredResult class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
novell zenworks_configuration_management -
CVE-2015-0781 HIGH

Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to upload and execute arbitrary files via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell zenworks_configuration_management -
CVE-2015-0782 HIGH

SQL injection vulnerability in the ScheduleQuery method of the schedule class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
novell zenworks_configuration_management -
CVE-2015-0783 MEDIUM

The FileViewer class in Novell ZENworks Configuration Management (ZCM) allows remote authenticated users to read arbitrary files via the filename variable.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell zenworks_configuration_management -
CVE-2015-0784 MEDIUM

Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell zenworks_configuration_management -
CVE-2015-0785 MEDIUM

com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZENworks Configuration Management (ZCM) allows remote attackers to read arbitrary folders via the dirname variable.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell zenworks_configuration_management -
CVE-2015-0786 HIGH

Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZENworks Configuration Management (ZCM) allows remote attackers to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell zenworks_configuration_management -
CVE-2015-1339 MEDIUM

Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
linux linux_kernel *
novell suse_linux_enterprise_debuginfo 11
novell suse_linux_enterprise_real_time_extension 11
CVE-2015-2566 LOW

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
novell suse_linux_for_vmware 11.0
novell suse_linux_sdk 11.0
novell suse_linux 11.0
CVE-2015-2567 LOW

Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security : Privileges.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
oracle mysql *
novell suse_linux_for_vmware 11.0
novell suse_linux_sdk 11.0
novell suse_linux 11.0
CVE-2015-2708 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.6.0
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.3
mozilla firefox 31.1.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
mozilla firefox 31.1.1
mozilla thunderbird *
mozilla firefox_esr 31.1
mozilla firefox *
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.3
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr 31.1.0
mozilla firefox 31.5.2
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox_esr 31.5.2
mozilla firefox 31.5.1
mozilla firefox 31.3.0
CVE-2015-2709 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 38.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
opensuse opensuse 13.1
opensuse opensuse 13.2
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox *
novell suse_linux_enterprise_desktop 12.0
CVE-2015-2710 MEDIUM

Heap-based buffer overflow in the SVGTextFrame class in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code via crafted SVG graphics data in conjunction with a crafted Cascading Style Sheets (CSS) token sequence.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.6.0
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.3
mozilla firefox 31.1.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
mozilla firefox 31.1.1
mozilla thunderbird *
mozilla firefox_esr 31.1
mozilla firefox *
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.3
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr 31.1.0
mozilla firefox 31.5.2
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox_esr 31.5.2
mozilla firefox 31.5.1
mozilla firefox 31.3.0
CVE-2015-2713 MEDIUM

Use-after-free vulnerability in the SetBreaks function in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a document containing crafted text in conjunction with a Cascading Style Sheets (CSS) token sequence containing properties related to vertical text.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.6.0
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.3
mozilla firefox 31.1.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
mozilla firefox 31.1.1
mozilla thunderbird *
mozilla firefox_esr 31.1
mozilla firefox *
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.3
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr 31.1.0
mozilla firefox 31.5.2
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox_esr 31.5.2
mozilla firefox 31.5.1
mozilla firefox 31.3.0
CVE-2015-2716 HIGH

Buffer overflow in the XML parser in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 allows remote attackers to execute arbitrary code by providing a large amount of compressed XML data, a related issue to CVE-2015-1283.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.3
mozilla firefox 31.1.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
mozilla firefox 31.1.1
mozilla thunderbird *
mozilla firefox_esr 31.1
mozilla firefox *
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.3
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr 31.1.0
mozilla firefox 31.5.2
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox_esr 31.5.2
mozilla firefox 31.5.1
mozilla firefox 31.3.0
CVE-2015-2721 MEDIUM

Mozilla Network Security Services (NSS) before 3.19, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, Thunderbird before 38.1, and other products, does not properly determine state transitions for the TLS state machine, which allows man-in-the-middle attackers to defeat cryptographic protection mechanisms by blocking messages, as demonstrated by removing a forward-secrecy property by blocking a ServerKeyExchange message, aka a "SMACK SKIP-TLS" issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
debian debian_linux 8.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 14.10
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
debian debian_linux 7.0
mozilla network_security_services 3.19
oracle solaris 11.3
canonical ubuntu_linux 14.04
canonical ubuntu_linux 15.04
oracle vm_server 3.2
CVE-2015-2722 HIGH

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a shared worker.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.3
mozilla firefox 38.0
mozilla firefox_esr 38.0
mozilla firefox 31.1.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
mozilla firefox 31.1.1
mozilla firefox_esr 31.1
mozilla firefox_esr 31.7.0
mozilla firefox *
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.1.0
mozilla firefox 31.5.2
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox_esr 31.5.2
mozilla firefox 31.5.1
mozilla firefox 31.3.0
CVE-2015-2724 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.0
debian debian_linux 8.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 14.10
novell suse_linux_enterprise_desktop 12.0
debian debian_linux 7.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.3
canonical ubuntu_linux 15.04
mozilla firefox 38.0
mozilla firefox_esr 38.0
mozilla firefox 31.1.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
mozilla firefox 31.1.1
mozilla thunderbird *
mozilla firefox_esr 31.1
mozilla firefox_esr 31.7.0
mozilla firefox *
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.3
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.1.0
mozilla firefox 31.5.2
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox_esr 31.5.2
canonical ubuntu_linux 14.04
mozilla firefox 31.5.1
mozilla firefox 31.3.0
CVE-2015-2725 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0, Firefox ESR 38.x before 38.1, and Thunderbird before 38.1 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.3
mozilla firefox 38.0
mozilla firefox_esr 38.0
mozilla firefox 31.1.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
mozilla firefox 31.1.1
mozilla thunderbird *
mozilla firefox_esr 31.1
mozilla firefox_esr 31.7.0
mozilla firefox *
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.1.0
mozilla firefox 31.5.2
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox_esr 31.5.2
mozilla firefox 31.5.1
mozilla firefox 31.3.0
CVE-2015-2726 HIGH

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 39.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_software_development_kit 12.0
oracle solaris 11.3
mozilla firefox *
novell suse_linux_enterprise_desktop 12.0
CVE-2015-2728 HIGH

The IndexedDatabaseManager class in the IndexedDB implementation in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 misinterprets an unspecified IDBDatabase field as a pointer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors, related to a "type confusion" issue.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0
mozilla firefox 31.1.0
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
mozilla firefox_esr 31.3
mozilla firefox 31.1.1
mozilla firefox_esr 31.1
mozilla firefox_esr 31.7.0
mozilla firefox *
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.2
mozilla firefox 31.5.2
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.5.1
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox 31.5.3
mozilla firefox 31.5.1
mozilla firefox 31.3.0
mozilla firefox 38.0
CVE-2015-2730 MEDIUM

Mozilla Network Security Services (NSS) before 3.19.1, as used in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and other products, does not properly perform Elliptical Curve Cryptography (ECC) multiplications, which makes it easier for remote attackers to spoof ECDSA signatures via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-310,

Products Affected

Vendor Product Version
debian debian_linux 7.0
mozilla network_security_services *
debian debian_linux 8.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_software_development_kit 12.0
oracle solaris 11.3
oracle vm_server 3.2
novell suse_linux_enterprise_desktop 12.0
CVE-2015-2733 HIGH

Use-after-free vulnerability in the CanonicalizeXPCOMParticipant function in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 allows remote attackers to execute arbitrary code via vectors involving attachment of an XMLHttpRequest object to a dedicated worker.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
mozilla firefox_esr 38.0
mozilla firefox 31.1.0
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 31.3
mozilla firefox 31.1.1
mozilla firefox_esr 31.1
mozilla firefox_esr 31.7.0
mozilla firefox *
novell suse_linux_enterprise_desktop 11
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.2
mozilla firefox 31.5.2
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.5.1
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox 31.5.3
mozilla firefox 31.5.1
mozilla firefox 31.3.0
mozilla firefox 38.0
CVE-2015-2735 HIGH

nsZipArchive.cpp in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.0
debian debian_linux 8.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 14.10
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.3
canonical ubuntu_linux 15.04
mozilla firefox 38.0
mozilla firefox_esr 38.0
mozilla firefox 31.1.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
mozilla firefox 31.1.1
mozilla thunderbird *
mozilla firefox_esr 31.1
mozilla firefox_esr 31.7.0
mozilla firefox *
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.3
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.1.0
mozilla firefox 31.5.2
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox_esr 31.5.2
canonical ubuntu_linux 14.04
mozilla firefox 31.5.1
mozilla firefox 31.3.0
CVE-2015-2736 HIGH

The nsZipArchive::BuildFileList function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which allows remote attackers to have an unspecified impact via a crafted ZIP archive.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.0
debian debian_linux 8.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 14.10
novell suse_linux_enterprise_desktop 12.0
debian debian_linux 7.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.3
canonical ubuntu_linux 15.04
mozilla firefox 38.0
mozilla firefox_esr 38.0
mozilla firefox 31.1.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
mozilla firefox 31.1.1
mozilla thunderbird *
mozilla firefox_esr 31.1
mozilla firefox_esr 31.7.0
mozilla firefox *
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.3
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.1.0
mozilla firefox 31.5.2
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox_esr 31.5.2
canonical ubuntu_linux 14.04
mozilla firefox 31.5.1
mozilla firefox 31.3.0
CVE-2015-2739 HIGH

The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.0
debian debian_linux 8.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 14.10
novell suse_linux_enterprise_desktop 12.0
debian debian_linux 7.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.3
canonical ubuntu_linux 15.04
mozilla firefox 38.0
mozilla firefox_esr 38.0
mozilla firefox 31.1.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
mozilla firefox 31.1.1
mozilla thunderbird *
mozilla firefox_esr 31.1
mozilla firefox_esr 31.7.0
mozilla firefox *
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.3
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.1.0
mozilla firefox 31.5.2
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox_esr 31.5.2
canonical ubuntu_linux 14.04
mozilla firefox 31.5.1
mozilla firefox 31.3.0
CVE-2015-2740 HIGH

Buffer overflow in the nsXMLHttpRequest::AppendToResponseText function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 might allow remote attackers to cause a denial of service or have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.0
debian debian_linux 8.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 14.10
novell suse_linux_enterprise_desktop 12.0
debian debian_linux 7.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.3
canonical ubuntu_linux 15.04
mozilla firefox 38.0
mozilla firefox_esr 38.0
mozilla firefox 31.1.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
mozilla firefox 31.1.1
mozilla thunderbird *
mozilla firefox_esr 31.1
mozilla firefox_esr 31.7.0
mozilla firefox *
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.3
canonical ubuntu_linux 12.04
mozilla firefox_esr 31.1.0
mozilla firefox 31.5.2
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox_esr 31.5.2
canonical ubuntu_linux 14.04
mozilla firefox 31.5.1
mozilla firefox 31.3.0
CVE-2015-2743 HIGH

PDF.js in Mozilla Firefox before 39.0 and Firefox ESR 31.x before 31.8 and 38.x before 38.1 enables excessive privileges for internal Workers, which might allow remote attackers to execute arbitrary code by leveraging a Same Origin Policy bypass.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-17,

Products Affected

Vendor Product Version
mozilla firefox_esr 31.0
mozilla firefox_esr 31.3
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_desktop 12.0
mozilla firefox_esr 31.2
mozilla firefox_esr 31.6.0
oracle solaris 11.3
mozilla firefox_esr 31.5.1
mozilla firefox 31.5.3
mozilla firefox 38.0
mozilla firefox_esr 38.0
mozilla firefox 31.1.0
mozilla firefox_esr 31.1.1
mozilla firefox_esr 31.5
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
mozilla firefox 31.1.1
mozilla firefox_esr 31.1
mozilla firefox_esr 31.7.0
mozilla firefox *
mozilla firefox_esr 31.3.0
mozilla firefox_esr 31.5.3
mozilla firefox_esr 31.1.0
mozilla firefox 31.5.2
mozilla firefox_esr 31.4
mozilla firefox 31.0
mozilla firefox_esr 31.5.2
mozilla firefox 31.5.1
mozilla firefox 31.3.0
CVE-2015-3043 HIGH

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in April 2015, a different vulnerability than CVE-2015-0347, CVE-2015-0350, CVE-2015-0352, CVE-2015-0353, CVE-2015-0354, CVE-2015-0355, CVE-2015-0360, CVE-2015-3038, CVE-2015-3041, and CVE-2015-3042.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-787,CWE-787,

Products Affected

Vendor Product Version
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_server_from_rhui 5.0
redhat enterprise_linux_desktop 6.0
novell suse_linux_enterprise_workstation_extension 12.0
redhat enterprise_linux_eus 6.6
redhat enterprise_linux_server 6.0
opensuse evergreen 11.4
novell suse_linux_enterprise_desktop 12.0
opensuse opensuse 13.1
opensuse opensuse 13.2
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_server_aus 6.6
adobe flash_player *
redhat enterprise_linux_desktop 5.0
novell suse_linux_enterprise_desktop 11.0
redhat enterprise_linux_server 5.0
redhat enterprise_linux_server_from_rhui 6.0
CVE-2015-3044 MEDIUM

Adobe Flash Player before 13.0.0.281 and 14.x through 17.x before 17.0.0.169 on Windows and OS X and before 11.2.202.457 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
adobe flash_player 15.0.0.189
redhat enterprise_linux_server_supplementary 6.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_desktop 12.0
redhat enterprise_linux_supplementary 5.0
adobe flash_player *
adobe flash_player 16.0.0.257
novell suse_linux_enterprise_desktop 11.0
adobe flash_player 17.0.0.134
adobe flash_player 14.0.0.176
adobe flash_player 15.0.0.152
adobe flash_player 16.0.0.287
adobe flash_player 14.0.0.145
adobe flash_player 15.0.0.239
adobe flash_player 16.0.0.235
opensuse opensuse 13.1
opensuse opensuse 13.2
redhat enterprise_linux_server_supplementary_eus 6.6.z
adobe flash_player 16.0.0.296
redhat enterprise_linux_workstation_supplementary 6.0
adobe flash_player 14.0.0.125
adobe flash_player 14.0.0.179
adobe flash_player 15.0.0.223
redhat enterprise_linux_desktop_supplementary 6.0
adobe flash_player 15.0.0.167
adobe flash_player 15.0.0.246
redhat enterprise_linux_desktop_supplementary 5.0
CVE-2015-4495 MEDIUM

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,CWE-346,

Products Affected

Vendor Product Version
suse linux_enterprise_debuginfo 11
suse linux_enterprise_server 11
redhat enterprise_linux_server_aus 7.3
novell suse_linux_enterprise_software_development_kit 12.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_eus 6.7
redhat enterprise_linux_server 6.0
novell suse_linux_enterprise_desktop 12.0
redhat enterprise_linux_eus 7.5
redhat enterprise_linux_workstation 5.0
oracle solaris 11.3
redhat enterprise_linux_server_aus 7.7
canonical ubuntu_linux 15.04
mozilla firefox_os *
suse linux_enterprise_software_development_kit 11
mozilla firefox_esr 38.0
redhat enterprise_linux_workstation 6.0
suse linux_enterprise_desktop 12
redhat enterprise_linux_eus 7.4
suse linux_enterprise_desktop 11
mozilla firefox_esr 38.0.5
novell suse_linux_enterprise_server 12.0
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_eus 7.2
mozilla firefox *
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_eus 7.6
mozilla firefox_esr 38.1.0
redhat enterprise_linux_eus 7.3
canonical ubuntu_linux 12.04
opensuse opensuse 13.1
redhat enterprise_linux_eus 7.1
suse linux_enterprise_software_development_kit 12
opensuse opensuse 13.2
mozilla firefox_esr 38.0.1
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_aus 7.4
suse linux_enterprise_server 12
canonical ubuntu_linux 14.04
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 5.0
CVE-2015-5219 MEDIUM

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-704,

Products Affected

Vendor Product Version
debian debian_linux 8.0
suse linux_enterprise_debuginfo 11
suse linux_enterprise_server 11
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 6.0
debian debian_linux 7.0
redhat enterprise_linux_hpc_node 6.0
siemens tim_4r-ie_firmware *
suse openstack_cloud 5
suse linux_enterprise_server 10
canonical ubuntu_linux 15.10
canonical ubuntu_linux 15.04
fedoraproject fedora 23
fedoraproject fedora 22
novell leap 42.2
suse manager 2.1
redhat enterprise_linux_workstation 6.0
opensuse leap 42.1
siemens tim_4r-id_dnp3_firmware *
redhat enterprise_linux_desktop 6.0
suse manager_proxy 2.1
oracle linux 6
fedoraproject fedora 21
redhat enterprise_linux_hpc_node 7.0
canonical ubuntu_linux 12.04
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
canonical ubuntu_linux 14.04
ntp ntp *
CVE-2015-5968 MEDIUM

Cross-site scripting (XSS) vulnerability in Novell Filr 1.2 before Hot Patch 4 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell filr *
CVE-2015-5970 MEDIUM

The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4 allows remote attackers to conduct XPath injection attacks, and read arbitrary text files, via a malformed query involving a system entity reference.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
novell zenworks_configuration_management 11.3.1
novell zenworks_configuration_management 11.4.1
novell zenworks_configuration_management 11.3.0
novell zenworks_configuration_management 11.3.2
novell zenworks_configuration_management 11.4.0
CVE-2015-6815 LOW

The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 3.5 LOW CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L 2.1 1.4

CVSS 2.0

Severity: LOW

Problem Type: CWE-835,

Products Affected

Vendor Product Version
arista eos 4.14
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_software_development_kit 12.0
arista eos 4.15
novell suse_linux_enterprise_desktop 12.0
xen xen 4.5.1
canonical ubuntu_linux 15.04
novell suse_linux_enterprise_desktop 11.0
fedoraproject fedora 23
fedoraproject fedora 22
redhat enterprise_linux 5.0
qemu qemu *
novell suse_linux_enterprise_server 11.0
redhat openstack 7.0
novell suse_linux_enterprise_server 12.0
fedoraproject fedora 21
redhat enterprise_linux 7.0
canonical ubuntu_linux 12.04
redhat openstack 5.0
arista eos 4.12
novell suse_linux_enterprise_software_development_kit 11.0
redhat enterprise_linux 6.0
canonical ubuntu_linux 14.04
xen xen 4.4.3
redhat openstack 6.0
arista eos 4.13
CVE-2015-7566 MEDIUM

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a bulk-out endpoint.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_software_development_kit 11
novell suse_linux_enterprise_server 11
linux linux_kernel *
novell suse_linux_enterprise_real_time_extension 12
novell suse_linux_enterprise_debuginfo 11
novell suse_linux_enterprise_real_time_extension 11
CVE-2015-7833 MEDIUM

The usbvision driver in the Linux kernel package 3.10.0-123.20.1.el7 through 3.10.0-229.14.1.el7 in Red Hat Enterprise Linux (RHEL) 7.1 allows physically proximate attackers to cause a denial of service (panic) via a nonzero bInterfaceNumber value in a USB device descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-17,

Products Affected

Vendor Product Version
redhat enterprise_linux 7.1
novell suse_linux_enterprise_real_time_extension 12
CVE-2015-7976 MEDIUM

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
ntp ntp 4.3.25
ntp ntp 4.3.31
ntp ntp 4.3.22
ntp ntp 4.3.67
ntp ntp 4.3.53
ntp ntp 4.3.61
ntp ntp 4.3.59
ntp ntp 4.3.8
ntp ntp 4.3.21
ntp ntp 4.3.80
ntp ntp 4.3.34
suse linux_enterprise_server 10
ntp ntp 4.3.75
ntp ntp 4.3.5
ntp ntp 4.3.49
ntp ntp 4.3.69
ntp ntp 4.3.32
opensuse opensuse 13.2
ntp ntp 4.3.62
ntp ntp 4.3.39
ntp ntp 4.3.58
suse linux_enterprise_server 12
ntp ntp 4.3.63
ntp ntp 4.3.42
ntp ntp 4.3.4
ntp ntp 4.3.12
ntp ntp 4.3.33
ntp ntp 4.1.2
ntp ntp 4.3.48
ntp ntp 4.3.83
ntp ntp 4.3.45
ntp ntp 4.3.50
ntp ntp 4.3.13
ntp ntp 4.3.79
ntp ntp 4.3.26
ntp ntp 4.3.68
ntp ntp 4.3.44
ntp ntp 4.3.89
suse linux_enterprise_desktop 12
ntp ntp 4.3.52
ntp ntp 4.3.71
ntp ntp 4.3.16
ntp ntp 4.3.19
ntp ntp 4.3.3
ntp ntp 4.3.11
ntp ntp 4.3.35
ntp ntp 4.3.73
ntp ntp 4.3.30
ntp ntp 4.3.72
ntp ntp 4.3.0
ntp ntp 4.3.84
ntp ntp 4.3.7
ntp ntp 4.3.43
suse linux_enterprise_server 11
ntp ntp 4.3.10
ntp ntp 4.3.55
ntp ntp 4.3.9
ntp ntp 4.3.46
ntp ntp 4.3.24
ntp ntp 4.3.54
ntp ntp 4.3.76
ntp ntp 4.3.23
ntp ntp 4.3.65
ntp ntp 4.3.14
novell suse_openstack_cloud 5
opensuse leap 42.1
ntp ntp 4.3.60
ntp ntp 4.3.15
ntp ntp 4.3.6
ntp ntp 4.3.37
suse manager_proxy 2.1
ntp ntp 4.3.28
ntp ntp 4.3.29
ntp ntp 4.3.64
suse suse_linux_enterprise_server 12
ntp ntp 4.3.77
ntp ntp 4.3.38
ntp ntp 4.3.20
suse linux_enterprise_debuginfo 11
ntp ntp 4.3.2
ntp ntp 4.3.51
ntp ntp 4.3.56
ntp ntp 4.3.1
ntp ntp 4.3.57
ntp ntp 4.3.40
ntp ntp 4.3.70
ntp ntp 4.3.81
ntp ntp 4.3.88
ntp ntp 4.3.41
ntp ntp 4.3.74
ntp ntp 4.3.18
ntp ntp 4.3.78
suse manager 2.1
ntp ntp 4.3.47
ntp ntp 4.3.17
ntp ntp 4.3.66
ntp ntp 4.3.85
ntp ntp 4.3.27
ntp ntp 4.3.87
ntp ntp 4.3.82
ntp ntp 4.3.86
ntp ntp *
ntp ntp 4.3.36
CVE-2015-8550 MEDIUM

Xen, when used on a system providing PV backends, allows local guest OS administrators to cause a denial of service (host OS crash) or gain privileges by writing to memory shared between the frontend and backend, aka a double fetch vulnerability.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
xen xen -
novell suse_linux_enterprise_real_time_extension 12
CVE-2015-8552 LOW

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to generate a continuous stream of WARN messages and cause a denial of service (disk consumption) by leveraging a system with access to a passed-through MSI or MSI-X capable physical PCI device and XEN_PCI_OP_enable_msi operations, aka "Linux pciback missing sanity checks."

CVSS 2.0

Severity: LOW

Problem Type: CWE-20,

Products Affected

Vendor Product Version
xen xen 3.3.2
xen xen 4.2.5
debian debian_linux 6.0
xen xen 3.1.3
xen xen 3.4.4
xen xen 3.4.3
novell suse_linux_enterprise_debuginfo 11
xen xen 4.1.0
xen xen 4.0.1
xen xen 4.0.0
xen xen 4.2.3
xen xen 4.2.2
xen xen 4.3.0
xen xen 4.0.2
xen xen 4.2.1
xen xen 4.1.4
novell suse_linux_enterprise_real_time_extension 12
xen xen 3.1.4
xen xen 3.2.0
xen xen 4.2.4
xen xen 3.2.3
novell suse_linux_enterprise_real_time_extension 11
xen xen 4.1.1
xen xen 3.4.1
xen xen 4.1.5
xen xen 3.2.1
xen xen 3.3.1
xen xen 4.0.3
xen xen 4.2.0
canonical ubuntu_linux 12.04
xen xen 3.3.0
xen xen 4.1.2
xen xen 4.3.1
xen xen 4.3.2
xen xen 4.1.3
xen xen 3.4.2
xen xen 4.1.6.1
xen xen 4.1.6
xen xen 3.4.0
xen xen 4.3.4
xen xen 3.2.2
xen xen 4.0.4
xen xen 4.3.3
CVE-2015-8812 HIGH

drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.10
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_real_time_extension 12
CVE-2015-8816 HIGH

The hub_activate function in drivers/usb/core/hub.c in the Linux kernel before 4.3.5 does not properly maintain a hub-interface data structure, which allows physically proximate attackers to cause a denial of service (invalid memory access and system crash) or possibly have unspecified other impact by unplugging a USB hub device.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.8 MEDIUM CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_module_for_public_cloud 12
suse linux_enterprise_live_patching 12
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_server 11
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_debuginfo 11
novell suse_linux_enterprise_desktop 12.0
novell suse_linux_enterprise_software_development_kit 11.0
suse linux_enterprise_server 12
linux linux_kernel *
novell suse_linux_enterprise_real_time_extension 12
novell suse_linux_enterprise_real_time_extension 11
CVE-2015-8845 MEDIUM

The tm_reclaim_thread function in arch/powerpc/kernel/process.c in the Linux kernel before 4.4.1 on powerpc platforms does not ensure that TM suspend mode exists before proceeding with a tm_reclaim call, which allows local users to cause a denial of service (TM Bad Thing exception and panic) via a crafted application.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
suse suse_linux_enterprise_module_for_public_cloud 12.0
suse suse_linux_enterprise_real_time_extension 12
suse suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_server 12.0
suse suse_linux_enterprise_software_development_kit 12.0
suse suse_linux_enterprise_workstation_extension 12.0
linux linux_kernel *
novell suse_linux_enterprise_desktop 12.0
CVE-2015-8918 MEDIUM

The archive_string_append function in archive_string.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (crash) via a crafted cab files, related to "overlapping memcpy."

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
libarchive libarchive *
novell suse_linux_enterprise_desktop 12.0
CVE-2015-8919 MEDIUM

The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 15.10
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
libarchive libarchive *
novell suse_linux_enterprise_desktop 12.0
CVE-2015-8920 MEDIUM

The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 15.10
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
libarchive libarchive *
novell suse_linux_enterprise_desktop 12.0
CVE-2015-8921 MEDIUM

The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 15.10
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
libarchive libarchive *
novell suse_linux_enterprise_desktop 12.0
CVE-2015-8922 MEDIUM

The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
oracle linux 7
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 15.10
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
libarchive libarchive *
novell suse_linux_enterprise_desktop 12.0
CVE-2015-8923 MEDIUM

The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 15.10
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
libarchive libarchive *
novell suse_linux_enterprise_desktop 12.0
CVE-2015-8924 MEDIUM

The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
canonical ubuntu_linux 15.10
canonical ubuntu_linux 16.04
canonical ubuntu_linux 14.04
libarchive libarchive *
novell suse_linux_enterprise_desktop 12.0
CVE-2016-0363 MEDIUM

The com.ibm.CORBA.iiop.ClientDelegate class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) uses the invoke method of the java.lang.reflect.Method class in an AccessController doPrivileged block, which allows remote attackers to call setSecurityManager and bypass a sandbox protection mechanism via vectors related to a Proxy object instance implementing the java.lang.reflect.InvocationHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-3009.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
redhat satellite 5.6
novell suse_linux_enterprise_software_development_kit 12.0
redhat satellite 5.7
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_hpc_node_supplementary 6.0
ibm java_sdk *
redhat enterprise_linux_server_eus 6.7
redhat enterprise_linux_hpc_node_supplementary 7.0
redhat enterprise_linux_workstation 6.0
novell suse_linux_enterprise_server 11.0
novell suse_openstack_cloud 5
novell suse_linux_enterprise_server 12.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_eus 7.5
novell suse_manager_proxy 2.1
novell suse_linux_enterprise_module_for_legacy_software 12
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_eus 7.2
redhat enterprise_linux_desktop 7.0
novell suse_linux_enterprise_software_development_kit 11.0
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_server_eus 7.4
novell suse_manager 2.1
CVE-2016-0376 MEDIUM

The com.ibm.rmi.io.SunSerializableFactory class in IBM SDK, Java Technology Edition 6 before SR16 FP25 (6.0.16.25), 6 R1 before SR8 FP25 (6.1.8.25), 7 before SR9 FP40 (7.0.9.40), 7 R1 before SR3 FP40 (7.1.3.40), and 8 before SR3 (8.0.3.0) does not properly deserialize classes in an AccessController doPrivileged block, which allows remote attackers to bypass a sandbox protection mechanism and execute arbitrary code as demonstrated by the readValue method of the com.ibm.rmi.io.ValueHandlerPool.ValueHandlerSingleton class, which implements the javax.rmi.CORBA.ValueHandler interface. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-5456.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat satellite 5.6
novell suse_linux_enterprise_software_development_kit 12.0
redhat satellite 5.7
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_hpc_node_supplementary 6.0
redhat enterprise_linux_workstation 5.0
ibm java_sdk *
redhat enterprise_linux_server_eus 6.7
redhat enterprise_linux_hpc_node_supplementary 7.0
redhat enterprise_linux_workstation 6.0
novell suse_linux_enterprise_server 11.0
novell suse_openstack_cloud 5
novell suse_linux_enterprise_server 12.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server_eus 7.5
novell suse_manager_proxy 2.1
novell suse_linux_enterprise_module_for_legacy_software 12
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_eus 7.2
redhat enterprise_linux_desktop 7.0
novell suse_linux_enterprise_software_development_kit 11.0
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_server_eus 7.4
novell suse_manager 2.1
CVE-2016-1583 HIGH

The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
debian debian_linux 8.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_module_for_public_cloud 12
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
canonical ubuntu_linux 16.04
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.10
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
canonical ubuntu_linux 14.04
CVE-2016-1593 MEDIUM

Directory traversal vulnerability in the import users feature in Micro Focus Novell Service Desk before 7.2 allows remote authenticated administrators to upload and execute arbitrary JSP files via a .. (dot dot) in a filename within a multipart/form-data POST request to a LiveTime.woa URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell service_desk *
CVE-2016-1594 MEDIUM

Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to read arbitrary attachments via a request to a LiveTime.woa URL, as demonstrated by obtaining sensitive information via a (1) downloadLogFiles or (2) downloadFile action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell service_desk *
CVE-2016-1595 MEDIUM

LiveTime/WebObjects/LiveTime.woa/wa/DownloadAction/downloadFile in Micro Focus Novell Service Desk before 7.2 allows remote authenticated users to conduct Hibernate Query Language (HQL) injection attacks and obtain sensitive information via the entityName parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell service_desk *
CVE-2016-1596 LOW

Multiple cross-site scripting (XSS) vulnerabilities in Micro Focus Novell Service Desk before 7.2 allow remote authenticated users to inject arbitrary web script or HTML via a certain (1) user name, (2) tf_aClientFirstName, (3) tf_aClientLastName, (4) ta_selectedTopicContent, (5) tf_orgUnitName, (6) tf_aManufacturerFullName, (7) tf_aManufacturerName, (8) tf_aManufacturerAddress, or (9) tf_aManufacturerCity parameter.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell service_desk *
CVE-2016-1598 LOW

XSS in NetIQ IDM 4.5 Identity Applications before 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell identity_manager 4.5
novell identity_manager_identity_applications *
CVE-2016-1603 MEDIUM

An information leak in the NetIQ IDM ServiceNow Driver before 1.0.0.1 could expose cryptographic attributes to logged-in users.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell netiq_idm_servicenow_driver *
CVE-2016-1607 MEDIUM

Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr before 2.0 Security Update 2 allow remote attackers to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time request.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
novell filr *
CVE-2016-1608 HIGH

vaconfig/time in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-284,

Products Affected

Vendor Product Version
novell filr *
CVE-2016-1609 LOW

Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTML via crafted input, as demonstrated by a crafted attribute of an IMG element in the phone field of a user profile.

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell filr *
CVE-2016-1610 MEDIUM

Directory traversal vulnerability in the email-template feature in Novell Filr before 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote attackers to bypass intended access restrictions and write to arbitrary files via a .. (dot dot) in a blob name.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
novell filr *
CVE-2016-1611 HIGH

Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell filr *
CVE-2016-1629 HIGH

Google Chrome before 48.0.2564.116 allows remote attackers to bypass the Blink Same Origin Policy and a sandbox protection mechanism via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
opensuse opensuse 13.1
google chrome *
opensuse opensuse 13.2
debian debian_linux 8.0
novell suse_package_hub_for_suse_linux_enterprise 12
opensuse leap 42.1
CVE-2016-1657 MEDIUM

The WebContentsImpl::FocusLocationBarByDefault function in content/browser/web_contents/web_contents_impl.cc in Google Chrome before 50.0.2661.75 mishandles focus for certain about:blank pages, which allows remote attackers to spoof the address bar via a crafted URL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
google chrome *
debian debian_linux 8.0
novell suse_package_hub_for_suse_linux_enterprise 12
opensuse leap 42.1
CVE-2016-1658 MEDIUM

The Extensions subsystem in Google Chrome before 50.0.2661.75 incorrectly relies on GetOrigin method calls for origin comparisons, which allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted extension.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,CWE-284,

Products Affected

Vendor Product Version
google chrome *
debian debian_linux 8.0
novell suse_package_hub_for_suse_linux_enterprise 12
opensuse leap 42.1
CVE-2016-1704 MEDIUM

Multiple unspecified vulnerabilities in Google Chrome before 51.0.2704.103 allow attackers to cause a denial of service or possibly have other impact via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
opensuse opensuse 13.1
redhat enterprise_linux_workstation 6.0
google chrome *
opensuse opensuse 13.2
novell suse_package_hub_for_suse_linux_enterprise 12
opensuse leap 42.1
canonical ubuntu_linux 15.10
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 6.0
canonical ubuntu_linux 14.04
redhat enterprise_linux_server 6.0
CVE-2016-1952 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 38.5.0
mozilla firefox 38.0.1
mozilla firefox 38.3.0
mozilla firefox 38.0.5
mozilla firefox 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox_esr 38.2.0
mozilla firefox 38.6.0
oracle linux 5.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.0
mozilla firefox_esr 38.0
mozilla firefox_esr 38.0.5
mozilla firefox_esr 38.3.0
mozilla firefox 38.2.1
opensuse leap 42.1
mozilla firefox_esr 38.2.1
mozilla thunderbird *
mozilla firefox *
oracle linux 6
mozilla firefox_esr 38.1.0
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.1
oracle linux 7
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox 38.1.1
mozilla firefox 38.1.0
mozilla firefox_esr 38.1.1
CVE-2016-1953 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 38.5.0
mozilla firefox 38.0.1
mozilla firefox 38.3.0
mozilla firefox 38.0.5
mozilla firefox 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox_esr 38.2.0
mozilla firefox 38.6.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.0
mozilla firefox_esr 38.0
mozilla firefox_esr 38.0.5
mozilla firefox_esr 38.3.0
mozilla firefox 38.2.1
opensuse leap 42.1
mozilla firefox_esr 38.2.1
mozilla thunderbird *
mozilla firefox *
mozilla firefox_esr 38.1.0
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.1
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox 38.1.1
mozilla firefox 38.1.0
mozilla firefox_esr 38.1.1
CVE-2016-1954 MEDIUM

The nsCSPContext::SendReports function in dom/security/nsCSPContext.cpp in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 does not prevent use of a non-HTTP report-uri for a Content Security Policy (CSP) violation report, which allows remote attackers to cause a denial of service (data overwrite) or possibly gain privileges by specifying a URL of a local file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
mozilla firefox 38.5.0
mozilla firefox 38.0.1
mozilla firefox 38.3.0
mozilla firefox 38.0.5
mozilla firefox 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox_esr 38.2.0
mozilla firefox 38.6.0
oracle linux 5.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.0
mozilla firefox_esr 38.0
mozilla firefox_esr 38.0.5
mozilla firefox_esr 38.3.0
mozilla firefox 38.2.1
opensuse leap 42.1
mozilla firefox_esr 38.2.1
mozilla thunderbird *
mozilla firefox *
oracle linux 6
mozilla firefox_esr 38.1.0
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.1
oracle linux 7
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox 38.1.1
mozilla firefox 38.1.0
mozilla firefox_esr 38.1.1
CVE-2016-1955 MEDIUM

Mozilla Firefox before 45.0 allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by reading a Content Security Policy (CSP) violation report that contains path information associated with an IFRAME element.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
opensuse opensuse 13.1
opensuse opensuse 13.2
novell suse_package_hub_for_suse_linux_enterprise 12
opensuse leap 42.1
mozilla firefox *
CVE-2016-1956 HIGH

Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service (memory consumption or stack memory corruption) by triggering use of a WebGL shader.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-399,

Products Affected

Vendor Product Version
opensuse opensuse 13.1
opensuse opensuse 13.2
novell suse_package_hub_for_suse_linux_enterprise 12
opensuse leap 42.1
mozilla firefox *
CVE-2016-1957 MEDIUM

Memory leak in libstagefright in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7 allows remote attackers to cause a denial of service (memory consumption) via an MPEG-4 file that triggers a delete operation on an array.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
mozilla firefox 38.5.0
mozilla firefox 38.0.1
mozilla firefox 38.3.0
mozilla firefox 38.0.5
mozilla firefox 38.2.0
mozilla firefox_esr 38.4.0
mozilla firefox_esr 38.2.0
mozilla firefox 38.6.0
oracle linux 5.0
mozilla firefox 38.6.1
mozilla firefox 38.4.0
mozilla firefox 38.0
mozilla firefox_esr 38.0
mozilla firefox_esr 38.0.5
mozilla firefox_esr 38.3.0
mozilla firefox 38.2.1
opensuse leap 42.1
mozilla firefox_esr 38.2.1
mozilla thunderbird *
mozilla firefox *
oracle linux 6
mozilla firefox_esr 38.1.0
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr 38.0.1
mozilla firefox 38.5.1
oracle linux 7
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox 38.1.1
mozilla firefox 38.1.0
mozilla firefox_esr 38.1.1
CVE-2016-2184 MEDIUM

The create_fixed_stream_quirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference or double free, and system crash) via a crafted endpoints value in a USB device descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_real_time_extension 11.0
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-2185 MEDIUM

The ati_remote2_probe function in drivers/input/misc/ati_remote2.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_real_time_extension 11.0
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-2186 MEDIUM

The powermate_probe function in drivers/input/misc/powermate.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_real_time_extension 11.0
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-2187 MEDIUM

The gtco_probe function in drivers/input/tablet/gtco.c in the Linux kernel through 4.5.2 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_server 11
canonical ubuntu_linux 15.10
canonical ubuntu_linux 16.04
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_debuginfo 11
CVE-2016-2188 MEDIUM

The iowarrior_probe function in drivers/usb/misc/iowarrior.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_real_time_extension 11.0
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-2384 MEDIUM

Double free vulnerability in the snd_usbmidi_create function in sound/usb/midi.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (panic) or possibly have unspecified other impact via vectors involving an invalid USB descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
linux linux_kernel *
novell suse_linux_enterprise_real_time_extension 12
CVE-2016-2815 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 12.0
opensuse leap 42.1
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox *
canonical ubuntu_linux 16.04
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
opensuse opensuse 13.1
opensuse opensuse 13.2
mozilla firefox_esr *
canonical ubuntu_linux 15.10
canonical ubuntu_linux 14.04
CVE-2016-2818 MEDIUM

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 47.0 and Firefox ESR 45.x before 45.2 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-119,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 7.2
redhat enterprise_linux_for_ibm_z_systems 7.0
debian debian_linux 8.0
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox 45.1.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 6.0
novell suse_linux_enterprise_desktop 12.0
redhat enterprise_linux_for_ibm_z_systems_eus 7.2
redhat enterprise_linux_workstation 5.0
redhat enterprise_linux_for_power_little_endian 7.0
redhat enterprise_linux_for_ibm_z_systems 6.0
canonical ubuntu_linux 15.10
redhat enterprise_linux_for_power_big_endian 6.0
redhat enterprise_linux_for_power_big_endian_eus 7.2
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_for_ibm_z_systems 5.0
redhat enterprise_linux_for_power_big_endian 7.0
novell suse_linux_enterprise_server 12.0
mozilla firefox_esr 45.1.1
opensuse leap 42.1
redhat enterprise_linux_for_scientific_computing 6.0
mozilla firefox *
canonical ubuntu_linux 16.04
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_for_power_big_endian 5.0
canonical ubuntu_linux 12.04
opensuse opensuse 13.1
opensuse opensuse 13.2
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox_esr 45.1.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_eus 7.2
redhat enterprise_linux_desktop 7.0
mozilla firefox 45.1.1
redhat enterprise_linux_for_power_little_endian_eus 7.2
canonical ubuntu_linux 14.04
redhat enterprise_linux_desktop 5.0
redhat enterprise_linux_server 5.0
CVE-2016-2834 HIGH

Mozilla Network Security Services (NSS) before 3.23, as used in Mozilla Firefox before 47.0, allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly have unspecified other impact via unknown vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 12.0
opensuse leap 42.1
novell suse_linux_enterprise_software_development_kit 12.0
mozilla firefox *
canonical ubuntu_linux 16.04
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
opensuse opensuse 13.1
mozilla network_security_services *
opensuse opensuse 13.2
canonical ubuntu_linux 15.10
canonical ubuntu_linux 14.04
CVE-2016-2847 MEDIUM

fs/pipe.c in the Linux kernel before 4.5 does not limit the amount of unread data in pipes, which allows local users to cause a denial of service (memory consumption) by creating many pipes with non-default sizes.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-399,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_real_time_extension 11.0
novell suse_linux_enterprise_desktop 12.0
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-3134 HIGH

The netfilter subsystem in the Linux kernel through 4.5.2 does not validate certain offset fields, which allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_desktop 12.0
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-3136 MEDIUM

The mct_u232_msr_to_state function in drivers/usb/serial/mct_u232.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device without two interrupt-in endpoint descriptors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_live_patching 12.0
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_desktop 12.0
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-3137 MEDIUM

drivers/usb/serial/cypress_m8.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both an interrupt-in and an interrupt-out endpoint descriptor, related to the cypress_generic_port_probe and cypress_open functions.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_real_time_extension 11.0
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-3138 MEDIUM

The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data endpoint descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_real_time_extension 11.0
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-3139 MEDIUM

The wacom_probe function in drivers/input/tablet/wacom_sys.c in the Linux kernel before 3.17 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_real_time_extension 11.0
novell suse_linux_enterprise_desktop 12.0
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-3140 MEDIUM

The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB device descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_real_time_extension 11.0
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-3156 LOW

The IPv4 implementation in the Linux kernel before 4.5.2 mishandles destruction of device objects, which allows guest OS users to cause a denial of service (host OS networking outage) by arranging for a large number of IP addresses.

CVSS 2.0

Severity: LOW

Problem Type: CWE-399,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_real_time_extension 11.0
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-3672 MEDIUM

The arch_pick_mmap_layout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDR_NO_RANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid or setgid program, by disabling stack-consumption resource limits.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_real_time_extension 12.0
canonical ubuntu_linux 15.10
novell suse_linux_enterprise_live_patching 12.0
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_desktop 12.0
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-3689 MEDIUM

The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_live_patching 12.0
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_desktop 12.0
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-3707 MEDIUM

The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package before 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote attackers to execute SysRq commands via crafted ICMP Echo Request packets, as demonstrated by a brute-force attack to discover a cookie, or an attack that occurs after reading the local icmp_echo_sysrq file.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
redhat enterprise_linux_for_real_time 7
redhat enterprise_linux_for_real_time_for_nfv 7
novell suse_linux_enterprise_real_time_extension 12.0
linux linux_kernel-rt *
CVE-2016-3951 MEDIUM

Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invalid USB descriptor.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_module_for_public_cloud 12
linux linux_kernel 4.5.0
novell suse_linux_enterprise_server 12.0
suse suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_desktop 12
canonical ubuntu_linux 12.04
canonical ubuntu_linux 15.10
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_real_time_extension 12
CVE-2016-4303 HIGH

The parse_string function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
opensuse opensuse 13.2
debian debian_linux 8.0
novell suse_package_hub_for_suse_linux_enterprise 12
iperf3_project iperf3 *
opensuse leap 42.1
CVE-2016-4470 MEDIUM

The key_reject_and_link function in security/keys/key.c in the Linux kernel through 4.6.3 does not ensure that a certain data structure is initialized, which allows local users to cause a denial of service (system crash) via vectors involving a crafted keyctl request2 command.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
redhat enterprise_linux_server_aus 7.2
redhat enterprise_linux_for_real_time 7.0
oracle vm_server 3.4
redhat enterprise_mrg 2.0
oracle vm_server 3.3
redhat enterprise_linux_workstation 7.0
oracle linux 6
redhat enterprise_linux_hpc_node 7.0
oracle linux 7
oracle linux 5.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_eus 7.2
novell suse_linux_enterprise_real_time_extension 12.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_hpc_node_eus 7.0
redhat enterprise_linux 6.0
linux linux_kernel *
CVE-2016-4482 LOW

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTINFO ioctl call.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
canonical ubuntu_linux 16.04
novell suse_linux_enterprise_workstation_extension 12.0
fedoraproject fedora 24
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12.0
canonical ubuntu_linux 15.10
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-4485 MEDIUM

The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_server 11
canonical ubuntu_linux 15.10
canonical ubuntu_linux 16.04
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_debuginfo 11
CVE-2016-4486 LOW

The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
canonical ubuntu_linux 16.04
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12.0
canonical ubuntu_linux 15.10
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-4569 LOW

The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
canonical ubuntu_linux 16.04
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12.0
canonical ubuntu_linux 15.10
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-4805 HIGH

Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-416,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 11.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
novell suse_linux_enterprise_workstation_extension 12.0
novell opensuse_leap 42.1
oracle linux 6
novell suse_linux_enterprise_real_time_extension 11.0
novell suse_linux_enterprise_desktop 12.0
redhat enterprise_linux 7.0
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_real_time_extension 12.0
novell suse_linux_enterprise_software_development_kit 11.0
redhat enterprise_linux 6.0
linux linux_kernel *
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-4913 HIGH

The get_rock_ridge_filename function in fs/isofs/rock.c in the Linux kernel before 4.5.5 mishandles NM (aka alternate name) entries containing \0 characters, which allows local users to obtain sensitive information from kernel memory or possibly have unspecified other impact via a crafted isofs filesystem.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
novell suse_linux_enterprise_debuginfo 11.0
novell suse_linux_enterprise_server 11.0
canonical ubuntu_linux 15.10
canonical ubuntu_linux 16.04
novell suse_linux_enterprise_software_development_kit 11.0
linux linux_kernel *
canonical ubuntu_linux 14.04
oracle linux 6
CVE-2016-4955 MEDIUM

ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.9 MEDIUM CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H 2.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-362,

Products Affected

Vendor Product Version
suse linux_enterprise_desktop 12
suse linux_enterprise_server 11
opensuse leap 42.1
suse manager_proxy 2.1
oracle solaris 10
opensuse opensuse 13.2
ntp ntp 4.2.8
suse openstack_cloud 5
oracle solaris 11.3
suse linux_enterprise_server 12
siemens simatic_net_cp_443-1_opc_ua_firmware *
ntp ntp *
novell suse_manager 2.1
CVE-2016-4956 MEDIUM

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
suse linux_enterprise_desktop 12
suse linux_enterprise_server 11
opensuse leap 42.1
suse manager_proxy 2.1
oracle solaris 10
opensuse opensuse 13.2
ntp ntp 4.2.8
suse openstack_cloud 5
oracle solaris 11.3
suse linux_enterprise_server 12
siemens simatic_net_cp_443-1_opc_ua_firmware *
ntp ntp *
novell suse_manager 2.1
CVE-2016-4957 MEDIUM

ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
suse linux_enterprise_desktop 12
suse linux_enterprise_server 11
opensuse leap 42.1
suse manager_proxy 2.1
oracle solaris 10
opensuse opensuse 13.2
ntp ntp 4.2.8
suse openstack_cloud 5
oracle solaris 11.3
ntp ntp 4.3.92
suse linux_enterprise_server 12
novell suse_manager 2.1
CVE-2016-4997 HIGH

The compat IPT_SO_SET_REPLACE and IP6T_SO_SET_REPLACE setsockopt implementations in the netfilter subsystem in the Linux kernel before 4.6.3 allow local users to gain privileges or cause a denial of service (memory corruption) by leveraging in-container root access to provide a crafted offset value that triggers an unintended decrement.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
debian debian_linux 8.0
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
novell suse_linux_enterprise_live_patching 12.0
canonical ubuntu_linux 16.04
novell suse_linux_enterprise_workstation_extension 12.0
novell suse_linux_enterprise_desktop 12.0
canonical ubuntu_linux 12.04
oracle linux 7
novell suse_linux_enterprise_real_time_extension 12.0
canonical ubuntu_linux 15.10
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_module_for_public_cloud 12.0
CVE-2016-5747 MEDIUM

A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-284,

Products Affected

Vendor Product Version
novell edirectory *
CVE-2016-5759 MEDIUM

The mkdumprd script called "dracut" in the current working directory "." allows local users to trick the administrator into executing code as root.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 12.0
opensuse leap 42.1
novell suse_linux_enterprise_desktop 12.0
CVE-2016-5760 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in the administrator console in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allow remote attackers to inject arbitrary web script or HTML via the (1) token parameter to gwadmin-console/install/login.jsp or (2) PATH_INFO to gwadmin-console/index.jsp.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 2014
CVE-2016-5761 MEDIUM

Cross-site scripting (XSS) vulnerability in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allows remote attackers to inject arbitrary web script or HTML via a crafted email.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 2014
CVE-2016-5762 HIGH

Integer overflow in the Post Office Agent in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 might allow remote attackers to execute arbitrary code via a long (1) username or (2) password, which triggers a heap-based buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-190,

Products Affected

Vendor Product Version
novell groupwise *
novell groupwise 2014
CVE-2016-5763 MEDIUM

Vulnerability in Novell Open Enterprise Server (OES2015 SP1 before Scheduled Maintenance Update 10992, OES2015 before Scheduled Maintenance Update 10990, OES11 SP3 before Scheduled Maintenance Update 10991, OES11 SP2 before Scheduled Maintenance Update 10989) might allow authenticated remote attackers to perform unauthorized file access and modification.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-254,

Products Affected

Vendor Product Version
novell open_enterprise_server_2015 *
novell open_enterprise_server_11 *
CVE-2016-5828 HIGH

The start_thread function in arch/powerpc/kernel/process.c in the Linux kernel through 4.6.3 on powerpc platforms mishandles transactional state, which allows local users to cause a denial of service (invalid process state or TM Bad Thing exception, and system crash) or possibly have unspecified other impact by starting and suspending a transaction before an exec system call.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
debian debian_linux 8.0
canonical ubuntu_linux 16.04
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_real_time_extension 12
CVE-2016-5829 HIGH

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
canonical ubuntu_linux 12.04
debian debian_linux 8.0
canonical ubuntu_linux 16.04
linux linux_kernel *
canonical ubuntu_linux 14.04
novell suse_linux_enterprise_real_time_extension 12
CVE-2016-6304 HIGH

Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-401,

Products Affected

Vendor Product Version
openssl openssl 1.0.2a
openssl openssl 1.0.1j
openssl openssl 1.0.2e
openssl openssl 1.0.1e
openssl openssl 1.0.1f
openssl openssl 1.0.1i
openssl openssl 1.0.1t
openssl openssl 1.0.1g
openssl openssl 1.0.2b
openssl openssl 1.0.1m
nodejs node.js *
openssl openssl 1.1.0
openssl openssl 1.0.1c
openssl openssl 1.0.1k
openssl openssl 1.0.1s
openssl openssl 1.0.1o
openssl openssl 1.0.1q
openssl openssl 1.0.1h
novell suse_linux_enterprise_module_for_web_scripting 12.0
openssl openssl 1.0.2c
openssl openssl 1.0.1b
openssl openssl 1.0.1p
openssl openssl 1.0.1
openssl openssl 1.0.1d
openssl openssl 1.0.2d
openssl openssl 1.0.1r
openssl openssl 1.0.2f
openssl openssl 1.0.1n
openssl openssl 1.0.2h
openssl openssl 1.0.2
openssl openssl 1.0.1a
openssl openssl 1.0.1l
CVE-2016-6306 MEDIUM

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-125,

Products Affected

Vendor Product Version
openssl openssl 1.0.2a
debian debian_linux 8.0
hp icewall_sso 10.0
openssl openssl 1.0.1j
openssl openssl 1.0.2e
openssl openssl 1.0.1e
openssl openssl 1.0.1f
openssl openssl 1.0.1i
openssl openssl 1.0.1t
openssl openssl 1.0.1g
openssl openssl 1.0.2b
openssl openssl 1.0.1m
nodejs node.js *
openssl openssl 1.0.1c
hp icewall_sso_agent_option 10.0
openssl openssl 1.0.1k
openssl openssl 1.0.1s
openssl openssl 1.0.1o
openssl openssl 1.0.1q
openssl openssl 1.0.1h
hp icewall_federation_agent 3.0
canonical ubuntu_linux 16.04
novell suse_linux_enterprise_module_for_web_scripting 12.0
openssl openssl 1.0.2c
openssl openssl 1.0.1b
canonical ubuntu_linux 12.04
openssl openssl 1.0.1p
openssl openssl 1.0.1
openssl openssl 1.0.1d
hp icewall_mcrp 3.0
canonical ubuntu_linux 14.04
openssl openssl 1.0.2d
openssl openssl 1.0.1r
openssl openssl 1.0.2f
openssl openssl 1.0.1n
openssl openssl 1.0.2h
openssl openssl 1.0.2
openssl openssl 1.0.1a
openssl openssl 1.0.1l
CVE-2016-7052 MEDIUM

crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) by triggering a CRL operation.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
nodejs node.js *
novell suse_linux_enterprise_module_for_web_scripting 12.0
openssl openssl 1.0.2i
CVE-2016-7796 MEDIUM

The manager_dispatch_notify_fd function in systemd allows local users to cause a denial of service (system hang) via a zero-length message received over a notify socket, which causes an error to be returned and the notification handler to be disabled.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
systemd_project systemd 209
systemd_project systemd 213
systemd_project systemd 229
novell suse_linux_enterprise_server 12.0
systemd_project systemd 214
novell suse_linux_enterprise_software_development_kit 12.0
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_hpc_node 7.0
novell suse_linux_enterprise_desktop 12
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
novell suse_linux_enterprise_server_for_sap 12.0
CVE-2016-9167 MEDIUM

NDSD in Novell eDirectory before 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
novell edirectory *
CVE-2016-9168 MEDIUM

A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory before 9.0.2 could be used by remote attackers for clickjacking.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
novell edirectory *
CVE-2016-9169 MEDIUM

A reflected XSS vulnerability exists in the web console of the Document Viewer Agent in Novell GroupWise before 2014 R2 Support Pack 1 Hot Patch 2 that may enable a remote attacker to execute JavaScript in the context of a valid user's browser session by getting the user to click on a specially crafted link. This could lead to session compromise or other browser-based attacks.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
novell groupwise 2014
CVE-2016-9960 LOW

game-music-emu before 0.6.1 allows local users to cause a denial of service (divide by zero and process crash).

CVSS 2.0

Severity: LOW

Problem Type: CWE-369,

Products Affected

Vendor Product Version
game-music-emu_project game-music-emu *
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
fedoraproject fedora 25
opensuse_project leap 42.1
fedoraproject fedora 24
opensuse leap 42.2
novell suse_linux_enterprise_desktop 12.0
CVE-2016-9961 HIGH

game-music-emu before 0.6.1 mishandles unspecified integer values.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-189,

Products Affected

Vendor Product Version
game-music-emu_project game-music-emu *
novell suse_linux_enterprise_server 12.0
novell suse_linux_enterprise_software_development_kit 12.0
fedoraproject fedora 25
opensuse_project leap 42.1
fedoraproject fedora 24
opensuse leap 42.2
novell suse_linux_enterprise_desktop 12.0
CVE-2017-1000366 HIGH

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
debian debian_linux 8.0
suse linux_enterprise_server 11
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server 6.6
redhat enterprise_linux_server_aus 6.2
novell suse_linux_enterprise_desktop 12.0
suse linux_enterprise_server 10
redhat enterprise_linux_server_eus 6.7
debian debian_linux 9.0
redhat enterprise_linux_server_tus 7.2
redhat enterprise_linux_server_tus 6.5
redhat enterprise_linux_desktop 6.0
opensuse leap 42.2
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux 7.0
novell suse_linux_enterprise_point_of_sale 11.0
redhat enterprise_linux_server_aus 7.6
gnu glibc *
redhat enterprise_linux_server_eus 7.2
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server_aus 7.4
suse linux_enterprise_server 12
redhat enterprise_linux_server_eus 6.2
suse linux_enterprise_software_development_kit 11.0
redhat enterprise_linux_server_aus 7.2
redhat enterprise_linux_server_tus 6.6
redhat enterprise_linux_server_aus 5.9
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_workstation 7.0
redhat enterprise_linux_server 6.0
suse linux_enterprise_for_sap 12
redhat enterprise_linux_server_aus 6.6
redhat enterprise_linux_server_aus 6.5
redhat enterprise_linux 5
redhat enterprise_linux_workstation 6.0
novell suse_linux_enterprise_server 11.0
suse linux_enterprise_server_for_raspberry_pi 12
mcafee web_gateway *
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_aus 6.4
redhat enterprise_linux_server 7.0
openstack cloud_magnum_orchestration 7
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux 6.0
redhat enterprise_linux_server_eus 6.5
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_server_eus 7.4
suse linux_enterprise_software_development_kit 12.0
redhat enterprise_linux_server_long_life 5.9
CVE-2017-13704 MEDIUM

In dnsmasq before 2.78, if the DNS packet size does not match the expected size, the size parameter in a memset call gets a negative value. As it is an unsigned value, memset ends up writing up to 0xffffffff zero's (0xffffffffffffffff in 64 bit platforms), making dnsmasq crash.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
fedoraproject fedora 27
canonical ubuntu_linux 16.04
thekelleys dnsmasq *
redhat enterprise_linux_workstation 7.0
debian debian_linux 7.0
novell leap 42.3
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
debian debian_linux 7.1
canonical ubuntu_linux 14.04
debian debian_linux 9.0
canonical ubuntu_linux 17.04
novell leap 42.2
CVE-2017-14494 MEDIUM

dnsmasq before 2.78, when configured as a relay, allows remote attackers to obtain sensitive memory information via vectors involving handling DHCPv6 forwarded requests.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-200,

Products Affected

Vendor Product Version
canonical ubuntu_linux 16.04
thekelleys dnsmasq *
redhat enterprise_linux_workstation 7.0
debian debian_linux 7.0
novell leap 42.3
redhat enterprise_linux_server 7.0
redhat enterprise_linux_desktop 7.0
debian debian_linux 7.1
canonical ubuntu_linux 14.04
debian debian_linux 9.0
canonical ubuntu_linux 17.04
novell leap 42.2
CVE-2017-14496 HIGH

Integer underflow in the add_pseudoheader function in dnsmasq before 2.78 , when the --add-mac, --add-cpe-id or --add-subnet option is specified, allows remote attackers to cause a denial of service via a crafted DNS request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-191,

Products Affected

Vendor Product Version
google android 6.0.1
google android 7.1.2
canonical ubuntu_linux 16.04
thekelleys dnsmasq *
redhat enterprise_linux_workstation 7.0
google android 7.0
google android 4.4.4
debian debian_linux 7.0
novell leap 42.3
google android 5.1.1
redhat enterprise_linux_server 7.0
google android 8.0
redhat enterprise_linux_desktop 7.0
google android 5.0.2
debian debian_linux 7.1
canonical ubuntu_linux 14.04
google android 7.1.1
debian debian_linux 9.0
google android 6.0
canonical ubuntu_linux 17.04
novell leap 42.2
CVE-2017-5182 HIGH

Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for linux, it applies to OES2015 SP1 before Maintenance Update 11080, OES2015 before Maintenance Update 11079, OES11 SP3 before Maintenance Update 11078, OES11 SP2 before Maintenance Update 11077).

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,CWE-200,

Products Affected

Vendor Product Version
novell open_enterprise_server 2015
novell open_enterprise_server 11.0
novell open_enterprise_server 2.0
CVE-2017-5186 MEDIUM

Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-327,

Products Affected

Vendor Product Version
netiq edirectory 9.0.2
netiq imanager 3.0
netiq imanager 3.0.1
netiq edirectory 9.0.1
netiq imanager 3.0.2
novell imanager *
netiq edirectory 9.0
novell edirectory *
CVE-2017-7430 MEDIUM

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a persistent XSS vulnerability in Framework.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
netiq imanager 3.0
novell imanager 2.7
netiq imanager 3.0.1
netiq imanager 3.0.3.1
netiq imanager 3.0.2
netiq imanager 3.0.2.1
netiq imanager 3.0.3
CVE-2017-7431 MEDIUM

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have persistent CSRF in object management.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
netiq imanager 3.0
novell imanager 2.7
netiq imanager 3.0.1
netiq imanager 3.0.3.1
netiq imanager 3.0.2
netiq imanager 3.0.2.1
netiq imanager 3.0.3
CVE-2017-7432 HIGH

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
netiq imanager 3.0
novell imanager 2.7
netiq imanager 3.0.1
netiq imanager 3.0.3.1
netiq imanager 3.0.2
netiq imanager 3.0.2.1
netiq imanager 3.0.3
CVE-2017-7995 LOW

Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions before 4.5.x to be EOL.

CVSS 2.0

Severity: LOW

Problem Type: CWE-200,

Products Affected

Vendor Product Version
suse manager 2.1
novell suse_linux_enterprise_point_of_sale 11.0
novell suse_linux_enterprise_server 11.0
xen xen *
suse openstack_cloud 5
suse manager_proxy 2.1
CVE-2017-8932 MEDIUM

A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by submitting crafted points and observing failures to the derive correct output. This leads to a full key recovery attack against static ECDH, as used in popular JWT libraries.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-682,

Products Affected

Vendor Product Version
golang go *
novell suse_package_hub_for_suse_linux_enterprise 12
golang go 1.8
golang go 1.8.1
fedoraproject fedora 25
opensuse leap 42.2
CVE-2017-9267 MEDIUM

In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-757,NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell edirectory *
CVE-2017-9277 MEDIUM

The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
novell edirectory 9.0
novell edirectory *
CVE-2019-11338 MEDIUM

libavcodec/hevcdec.c in FFmpeg 3.4 and 4.1.2 mishandles detection of duplicate first slices, which allows remote attackers to cause a denial of service (NULL pointer dereference and out-of-array access) or possibly have unspecified other impact via crafted HEVC data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-476,

Products Affected

Vendor Product Version
canonical ubuntu_linux 19.04
ffmpeg ffmpeg 3.4
debian debian_linux 8.0
novell suse_package_hub_for_suse_linux_enterprise 12
ffmpeg ffmpeg 4.1.2
canonical ubuntu_linux 18.04
canonical ubuntu_linux 16.04
debian debian_linux 9.0
canonical ubuntu_linux 18.10
canonical ubuntu_linux 20.04
CVE-2019-11717 MEDIUM

A vulnerability exists where the caret ("^") character is improperly escaped constructing some URIs due to it being used as a separator, allowing for possible spoofing of origin attributes. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-116,

Products Affected

Vendor Product Version
debian debian_linux 8.0
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox_esr *
mozilla thunderbird *
mozilla firefox *
opensuse leap 15.0
opensuse leap 15.1
CVE-2019-13730 MEDIUM

Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,CWE-843,

Products Affected

Vendor Product Version
redhat enterprise_linux_workstation 6.0
google chrome *
fedoraproject fedora 30
opensuse backports sle-15
novell suse_package_hub_for_suse_linux_enterprise 12
debian debian_linux 10.0
fedoraproject fedora 31
redhat enterprise_linux_for_scientific_computing 6.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_server 6.0
debian debian_linux 9.0
CVE-2019-9811 MEDIUM

As part of a winning Pwn2Own entry, a researcher demonstrated a sandbox escape by installing a malicious language pack and then opening a browser feature that used the compromised translation. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.3 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H 1.6 6.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-74,

Products Affected

Vendor Product Version
debian debian_linux 8.0
novell suse_package_hub_for_suse_linux_enterprise 12
mozilla firefox_esr *
mozilla thunderbird *
mozilla firefox *
opensuse leap 15.0
opensuse leap 15.1
CVE-2020-8118 MEDIUM

An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed to detect local and remote services when adding a new subscription in the calendar application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.0 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N 3.1 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-918,CWE-918,

Products Affected

Vendor Product Version
novell suse_linux_enterprise_server 12.0
nextcloud nextcloud_server *
opensuse backports_sle 15.0
CVE-2024-12084

A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
novell suse_linux -
gentoo linux -
tritondatacenter smartos *
redhat enterprise_linux 10.0
almalinux almalinux 10.0
samba rsync 3.2.7
nixos nixos 24.11
archlinux arch_linux -
nixos nixos *
samba rsync 3.3.0
CVE-2024-12088

A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
secalert@redhat.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N 3.9 3.6

Products Affected

Vendor Product Version
almalinux almalinux 8.0
redhat discovery 1.14
redhat enterprise_linux_for_arm_64 8.0_aarch64
redhat openshift_container_platform 4.0
archlinux arch_linux -
nixos nixos *
redhat enterprise_linux_for_power_little_endian 9.0_ppc64le
redhat enterprise_linux_for_ibm_z_systems 8.0_s390x
novell suse_linux -
redhat enterprise_linux_for_arm_64 9.0_aarch64
tritondatacenter smartos *
samba rsync *
redhat enterprise_linux_eus 9.6
redhat enterprise_linux_for_power_little_endian_eus 9.6_ppc64le
gentoo linux -
redhat enterprise_linux 9.0
redhat enterprise_linux_update_services_for_sap_solutions 9.6
redhat enterprise_linux 10.0
almalinux almalinux 10.0
redhat enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions 9.6_ppc64le
redhat enterprise_linux_for_ibm_z_systems 9.0_s390x
redhat enterprise_linux 7.0
redhat enterprise_linux_for_ibm_z_systems_eus 9.6_s390x
redhat enterprise_linux_for_arm_64_eus 9.6_aarch64
almalinux almalinux 9.0
redhat enterprise_linux 6.0
redhat enterprise_linux_server_aus 9.6
redhat enterprise_linux 8.0
redhat enterprise_linux_for_power_little_endian 8.0_ppc64le