Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
novell zenworks configuration management vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1095
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving an onError event.
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11.2.1
Novell Zenworks Configuration Management 11.2.2
NA
CVE-2013-1093
Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing att...
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2.2
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11.2.1
NA
CVE-2013-1097
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving an onload event.
Novell Zenworks Configuration Management 11.2.1
Novell Zenworks Configuration Management 11.2.2
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
NA
CVE-2013-1080
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 prior to 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote malicious users to conduct directory traversal attacks, and consequently upload and execute arbi...
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 11.2
1 EDB exploit
NA
CVE-2013-1079
Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.3 up to and including 11.2 allows remote malicious users to execute arbitrary local DLL files via ...
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 10.3.1
Novell Zenworks Configuration Management 10.3.2
Novell Zenworks Configuration Management 10.3.3
Novell Zenworks Configuration Management 11.1
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 11.1a
NA
CVE-2012-4933
The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote malicious users to obta...
Novell Zenworks Asset Management 7.5
NA
CVE-2011-2657
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote malicious users to execute arbitrary commands v...
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 11
1 EDB exploit
NA
CVE-2011-2658
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote malicious users to execute arbitrary code by leveraging unspecified mscomct2 flaws.
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management 11
NA
CVE-2011-3174
Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote malicious users to execute arbitrary code via a long bstrReplaceT...
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management 10.3
NA
CVE-2012-2223
The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x prior to 10.3.4 and 11.x prior to 11.2 enables the HTTP TRACE method, which might make it easier for remote malicious users to conduct cross-site tracing (XST) attacks via unspecified vectors.
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 11.1
Novell Zenworks Configuration Management 10.3.2
Novell Zenworks Configuration Management 10.3.3
Novell Zenworks Configuration Management 11.1a
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 10.3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »