Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
novell imanager vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-9276
Novell Access Manager iManager prior to 4.3.3 did not validate parameters so that cross site scripting content could be reflected back into the result page using the "a" parameter.
Netiq Access Manager
8.8
CVSSv3
CVE-2017-7431
Novell iManager 2.7.x prior to 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x prior to 3.0.3.1 have persistent CSRF in object management.
Novell Imanager 2.7
Netiq Imanager 3.0.1
Netiq Imanager 3.0.3.1
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 3.0.2.1
Netiq Imanager 3.0.2
6.1
CVSSv3
CVE-2017-7430
Novell iManager 2.7.x prior to 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x prior to 3.0.3.1 have a persistent XSS vulnerability in Framework.
Novell Imanager 2.7
Netiq Imanager 3.0.1
Netiq Imanager 3.0.3.1
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 3.0.2.1
Netiq Imanager 3.0.2
9.8
CVSSv3
CVE-2017-7432
Novell iManager 2.7.x prior to 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x prior to 3.0.3.1 have a webshell upload vulnerability.
Novell Imanager 2.7
Netiq Imanager 3.0.1
Netiq Imanager 3.0.3.1
Netiq Imanager 3.0
Netiq Imanager 3.0.3
Netiq Imanager 3.0.2.1
Netiq Imanager 3.0.2
7.5
CVSSv3
CVE-2017-5186
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x prior to 3.0.2.1, Novell eDirectory 8.8.x prior to 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x prior to 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.
Netiq Edirectory 9.0
Netiq Imanager 3.0.1
Novell Imanager
Netiq Imanager 3.0
Netiq Edirectory 9.0.2
Netiq Edirectory 9.0.1
Netiq Imanager 3.0.2
Novell Edirectory
NA
CVE-2013-3268
Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors.
Novell Imanager 2.7
Novell Imanager 2.7.4
Novell Imanager 2.7.3
Novell Imanager 2.7.1
Novell Imanager 2.7.5
Novell Imanager 2.7.2
Novell Imanager
Novell Imanager 2.7.0
NA
CVE-2013-1088
Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote malicious users to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container.
Novell Imanager 2.7
Novell Imanager 2.7.4
Novell Imanager 2.7.3
Novell Imanager 2.7.1
Novell Imanager 2.7.5
Novell Imanager 2.7.2
Novell Imanager
NA
CVE-2011-4188
Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related issu...
Novell Imanager 2.0.2
Novell Imanager 2.0
Novell Imanager 1.5
Novell Imanager 2.5
Novell Imanager 2.7.3
Novell Imanager 2.7.0
Novell Imanager 2.6.0
Novell Imanager
NA
CVE-2010-1929
Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 function in jclient.dll in the Tomcat web server in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allow remote authenticated users to execute arbitrary code via the (1) EnteredClassID or...
Novell Imanager 2.7.3
Novell Imanager 2.7.0
1 EDB exploit
NA
CVE-2010-1930
Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote malicious users to cause a denial of service (daemon crash) via a long tree parameter in a login request to nps/servlet/webacc.
Novell Imanager 2.7.3
Novell Imanager 2.7.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »