Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
novell access manager vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2009-4878
Unspecified vulnerability in the Administration Console in Novell Access Manager prior to 3.1 SP1 allows malicious users to access system files via unknown attack vectors.
Novell Access Manager
Novell Access Manager 3
NA
CVE-2009-4879
The Identity Server in Novell Access Manager prior to 3.1 SP1 allows attackers with disabled Active Directory accounts to authenticate using X.509 authentication, which bypasses intended access restrictions.
Novell Access Manager 3
Novell Access Manager
NA
CVE-2007-1309
Novell Access Management 3 SSLVPN Server allows remote authenticated users to bypass VPN restrictions by making policy.txt read-only, disconnecting, then manually modifying policy.txt.
Novell Access Manager 3
1 Article
NA
CVE-2007-3570
The Linux Access Gateway in Novell Access Manager prior to 3.0 SP1 Release Candidate 1 (RC1) allows remote malicious users to bypass unspecified security controls via Fullwidth/Halfwidth Unicode encoded data in a HTTP POST request.
Novell Access Manager 3
NA
CVE-2008-6722
Novell Access Manager 3 SP4 does not properly expire X.509 certificate sessions, which allows physically proximate malicious users to obtain a logged-in session by using a victim's web-browser process that continues to send the original and valid SSL sessionID, related to in...
Novell Access Manager 3
NA
CVE-2007-0110
Cross-site scripting (XSS) vulnerability in nidp/idff/sso in Novell Access Manager Identity Server prior to 3.0.0-1013 allows remote malicious users to inject arbitrary web script or HTML via the IssueInstant parameter, which is not properly handled in the resulting error message...
Novell Access Manager Identity Server
1 EDB exploit
6.1
CVSSv3
CVE-2017-9276
Novell Access Manager iManager prior to 4.3.3 did not validate parameters so that cross site scripting content could be reflected back into the result page using the "a" parameter.
Netiq Access Manager
6.1
CVSSv3
CVE-2017-14802
Novell Access Manager Admin Console and IDP servers prior to 4.3.3 have a URL that could be used by remote malicious users to trigger unvalidated redirects to third party sites.
Netiq Access Manager
3.8
CVSSv3
CVE-2017-7995
Xen PV guest before Xen 4.3 checked access permissions to MMIO ranges only after accessing them, allowing host PCI device space memory reads, leading to information disclosure. This is an error in the get_user function. NOTE: the upstream Xen Project considers versions prior to 4...
Xen Xen
Novell Suse Linux Enterprise Point Of Sale 11.0
Novell Suse Linux Enterprise Server 11.0
Suse Manager Proxy 2.1
Suse Manager 2.1
Suse Openstack Cloud 5
NA
CVE-2004-2734
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote malicious users to bypass access control to the WEB-INF folder.
Novell Netware 6.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »