Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
novell zenworks configuration management vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1095
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving an onError event.
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11.2.1
Novell Zenworks Configuration Management 11.2.2
NA
CVE-2013-1094
Cross-site scripting (XSS) vulnerability in a ZCC page in zenworks-core in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to inject arbitrary web script or HTML via an invalid locale.
Novell Zenworks Configuration Management 11.2.1
Novell Zenworks Configuration Management 11.2.2
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
NA
CVE-2013-1097
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving an onload event.
Novell Zenworks Configuration Management 11.2.1
Novell Zenworks Configuration Management 11.2.2
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
NA
CVE-2013-1079
Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.3 up to and including 11.2 allows remote malicious users to execute arbitrary local DLL files via ...
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 10.3.1
Novell Zenworks Configuration Management 10.3.2
Novell Zenworks Configuration Management 10.3.3
Novell Zenworks Configuration Management 11.1
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 11.1a
NA
CVE-2013-1080
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 prior to 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote malicious users to conduct directory traversal attacks, and consequently upload and execute arbi...
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 11.2
1 EDB exploit
NA
CVE-2012-4933
The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote malicious users to obta...
Novell Zenworks Asset Management 7.5
NA
CVE-2011-3174
Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote malicious users to execute arbitrary code via a long bstrReplaceT...
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management 10.3
NA
CVE-2011-2657
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote malicious users to execute arbitrary commands v...
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 11
1 EDB exploit
NA
CVE-2011-2658
The ISList.ISAvi ActiveX control in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 provides access to the mscomct2.ocx file, which allows remote malicious users to execute arbitrary code by leveraging unspecified mscomct2 flaws.
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management 11
NA
CVE-2012-2223
The xplat agent in Novell ZENworks Configuration Management (ZCM) 10.3.x prior to 10.3.4 and 11.x prior to 11.2 enables the HTTP TRACE method, which might make it easier for remote malicious users to conduct cross-site tracing (XST) attacks via unspecified vectors.
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 11.1
Novell Zenworks Configuration Management 10.3.2
Novell Zenworks Configuration Management 10.3.3
Novell Zenworks Configuration Management 11.1a
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 10.3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »