Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
novell zenworks configuration management vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-0779
Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 prior to 11.3.2 allows remote malicious users to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WAR filename in the file...
Novell Zenworks Configuration Management 11.2.2
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11.2.1
2 EDB exploits
NA
CVE-2010-5323
Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 prior to 10.3 allows remote malicious users to execute arbitrary code via a crafted WAR pathname in the filename parameter in conjunction wit...
Novell Zenworks Configuration Management 10.0
Novell Zenworks Configuration Management 10.1
Novell Zenworks Configuration Management 10.2
1 EDB exploit
NA
CVE-2010-5324
Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 prior to 10.3 allows remote malicious users to execute arbitrary code via a zenworks-fileupload request with a crafted directory name in the ...
Novell Zenworks Configuration Management 10.0
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management 10.1
1 EDB exploit
NA
CVE-2013-3706
Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote malicious users to read arbitrary files via a .. (dot dot) in a preboot update pathname, aka ZDI-CAN-1595.
Novell Zenworks Configuration Management 11.2
NA
CVE-2013-6344
The ZCC page in Novell ZENworks Configuration Management (ZCM) prior to 11.2.4 allows malicious users to conduct cross-frame scripting attacks via unknown vectors.
Novell Zenworks Configuration Management 10.3.1
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 10.3.3
Novell Zenworks Configuration Management 10.3.2
NA
CVE-2013-6345
Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) prior to 11.2.4 has unknown impact and attack vectors related to an "Application Exception."
Novell Zenworks Configuration Management
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management 10.3.2
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 10.3.3
Novell Zenworks Configuration Management 10.3.1
NA
CVE-2013-6346
Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) prior to 11.2.4 allows remote malicious users to hijack the authentication of unspecified victims via unknown vectors.
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 10.3.3
Novell Zenworks Configuration Management 10.3.1
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management
Novell Zenworks Configuration Management 10.3.2
Novell Zenworks Configuration Management 10.3
NA
CVE-2013-6347
Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) prior to 11.2.4 allows remote malicious users to hijack web sessions via unspecified vectors.
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 10.3.3
Novell Zenworks Configuration Management 10.3.2
Novell Zenworks Configuration Management 10.3.1
Novell Zenworks Configuration Management
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 10.2
NA
CVE-2013-1084
Directory traversal vulnerability in the GetFle method in the umaninv service in Novell ZENworks Configuration Management (ZCM) 11.2.3 allows remote malicious users to read arbitrary files via a .. (dot dot) in the Filename parameter in a GetFile action to zenworks-unmaninv/.
Novell Zenworks Configuration Management 11.2.3
NA
CVE-2013-1095
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving an onError event.
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11.2.1
Novell Zenworks Configuration Management 11.2.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »