Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
edirectory vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2006-4521
The BerDecodeLoginDataRequest function in the libnmasldap.so NMAS module in Novell eDirectory 8.8 and 8.8.1 before the Security Services 2.0.3 patch does not properly increment a pointer when handling certain input, which allows remote malicious users to cause a denial of service...
Novell Edirectory 8.8
Novell Edirectory 8.8.1
10
CVSSv2
CVE-2012-0432
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x prior to 8.8.7.2 allows remote malicious users to have an unspecified impact via unknown vectors.
Microfocus Edirectory 8.8.7.0
Microfocus Edirectory 8.8.7.1
2 EDB exploits
4.3
CVSSv2
CVE-2017-5186
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x prior to 3.0.2.1, Novell eDirectory 8.8.x prior to 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x prior to 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.
Netiq Edirectory 9.0
Netiq Imanager 3.0.1
Novell Imanager
Netiq Imanager 3.0
Netiq Edirectory 9.0.2
Netiq Edirectory 9.0.1
Netiq Imanager 3.0.2
Novell Edirectory
5
CVSSv2
CVE-2016-9166
NetIQ eDirectory versions before 9.0.2, under some circumstances, could be susceptible to downgrade of communication security.
Microfocus Netiq Edirectory
Microfocus Netiq Edirectory 9.0
5
CVSSv2
CVE-2016-9167
NDSD in Novell eDirectory prior to 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL.
Novell Edirectory
5
CVSSv2
CVE-2018-7686
Information leakage vulnerability in NetIQ eDirectory prior to 9.1.1 HF1 due to shared memory usage.
Microfocus Edirectory
5
CVSSv2
CVE-2017-9267
In Novell eDirectory prior to 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations.
Novell Edirectory
4.3
CVSSv2
CVE-2014-5212
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory prior to 8.8 SP8 Patch 4 allows remote malicious users to inject arbitrary web script or HTML via the rdn parameter.
Novell Edirectory
4.3
CVSSv2
CVE-2016-9168
A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory prior to 9.0.2 could be used by remote attackers for clickjacking.
Novell Edirectory
5
CVSSv2
CVE-2018-1346
Addresses denial of service attack to eDirectory versions before 9.1.
Netiq Edirectory
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
race condition
CVE-2024-4249
CVE-2024-4244
CVE-2023-20198
TCP
CVE-2022-48648
CVE-2022-48636
CVE-2024-21345
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »