Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zenworks configuration management vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2013-1084
Directory traversal vulnerability in the GetFle method in the umaninv service in Novell ZENworks Configuration Management (ZCM) 11.2.3 allows remote malicious users to read arbitrary files via a .. (dot dot) in the Filename parameter in a GetFile action to zenworks-unmaninv/.
Novell Zenworks Configuration Management 11.2.3
NA
CVE-2013-1093
Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to redirect users to arbitrary web sites and conduct phishing att...
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2.2
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11.2.1
NA
CVE-2013-1094
Cross-site scripting (XSS) vulnerability in a ZCC page in zenworks-core in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to inject arbitrary web script or HTML via an invalid locale.
Novell Zenworks Configuration Management 11.2.1
Novell Zenworks Configuration Management 11.2.2
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
NA
CVE-2013-1095
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving an onError event.
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11.2.1
Novell Zenworks Configuration Management 11.2.2
NA
CVE-2013-1097
Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 prior to 11.2.3a Monthly Update 1 allows remote malicious users to inject arbitrary web script or HTML via vectors involving an onload event.
Novell Zenworks Configuration Management 11.2.1
Novell Zenworks Configuration Management 11.2.2
Novell Zenworks Configuration Management 11.2.3
Novell Zenworks Configuration Management 11.2
NA
CVE-2013-1080
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 prior to 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote malicious users to conduct directory traversal attacks, and consequently upload and execute arbi...
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 11.2
1 EDB exploit
NA
CVE-2013-1079
Directory traversal vulnerability in the ISCreateObject method in an ActiveX control in InstallShield\ISProxy.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.3 up to and including 11.2 allows remote malicious users to execute arbitrary local DLL files via ...
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 10.3.1
Novell Zenworks Configuration Management 10.3.2
Novell Zenworks Configuration Management 10.3.3
Novell Zenworks Configuration Management 11.1
Novell Zenworks Configuration Management 11.2
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 11.1a
NA
CVE-2012-4933
The rtrlet web application in the Web Console in Novell ZENworks Asset Management (ZAM) 7.5 uses a hard-coded username of Ivanhoe and a hard-coded password of Scott for the (1) GetFile_Password and (2) GetConfigInfo_Password operations, which allows remote malicious users to obta...
Novell Zenworks Asset Management 7.5
NA
CVE-2011-3174
Buffer overflow in the DoFindReplace function in the ISGrid.Grid2.1 ActiveX control in InstallShield/ISGrid2.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote malicious users to execute arbitrary code via a long bstrReplaceT...
Novell Zenworks Configuration Management 11
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management 10.3
NA
CVE-2011-2657
Directory traversal vulnerability in the LaunchProcess function in the LaunchHelp.HelpLauncher.1 ActiveX control in LaunchHelp.dll in AdminStudio in Novell ZENworks Configuration Management (ZCM) 10.2, 10.3, and 11 SP1 allows remote malicious users to execute arbitrary commands v...
Novell Zenworks Configuration Management 10.2
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 11
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »