Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
edirectory vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2017-9277
The LDAP backend in Novell eDirectory prior to 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA.
Novell Edirectory
Novell Edirectory 9.0
383
VMScore
CVE-2017-5186
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x prior to 3.0.2.1, Novell eDirectory 8.8.x prior to 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x prior to 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.
Netiq Edirectory 9.0
Netiq Imanager 3.0.1
Novell Imanager
Netiq Imanager 3.0
Netiq Edirectory 9.0.2
Netiq Edirectory 9.0.1
Netiq Imanager 3.0.2
Novell Edirectory
445
VMScore
CVE-2016-5747
A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory prior to 9.0.1 allows remote malicious users to bypass intended access restrictions by leveraging predictable cookies.
Novell Edirectory
445
VMScore
CVE-2016-9167
NDSD in Novell eDirectory prior to 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL.
Novell Edirectory
383
VMScore
CVE-2016-9168
A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory prior to 9.0.2 could be used by remote attackers for clickjacking.
Novell Edirectory
755
VMScore
CVE-2015-2281
Stack-based buffer overflow in collectoragent.exe in Fortinet Single Sign On (FSSO) before build 164 allows remote malicious users to execute arbitrary code via a large PROCESS_HELLO message to the Message Dispatcher on TCP port 8000.
Fortinet Single Sign On 4.3
1 EDB exploit
383
VMScore
CVE-2014-5212
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory prior to 8.8 SP8 Patch 4 allows remote malicious users to inject arbitrary web script or HTML via the rdn parameter.
Novell Edirectory
356
VMScore
CVE-2014-5213
nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory prior to 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.
Novell Edirectory
409
VMScore
CVE-2014-4509
The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters.
Netiq Identity Manager 4.0.2
383
VMScore
CVE-2012-0428
Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x prior to 8.8.6.7 and 8.8.7.x prior to 8.8.7.2 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Microfocus Edirectory 8.8.6.5
Microfocus Edirectory 8.8.6.4
Microfocus Edirectory 8.8.6.3
Microfocus Edirectory 8.8.6.2
Microfocus Edirectory 8.8.6.0
Microfocus Edirectory 8.8.6.6
Microfocus Edirectory 8.8.6.1
Microfocus Edirectory 8.8.7.0
Microfocus Edirectory 8.8.7.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »