Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
edirectory vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1809
Heap-based buffer overflow in Novell eDirectory 8.7.3 prior to 8.7.3.10b, and 8.8 prior to 8.8.2 FTF2, allows remote malicious users to execute arbitrary code via an LDAP search request containing "NULL search parameters."
Novell Edirectory 8.7.3
Novell Edirectory 8.8
NA
CVE-2010-4327
Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 prior to 8.8.5.6 and 8.8.6 prior to 8.8.6.2 allows remote malicious users to cause a denial of service (hang) via a malformed FileSetLock request to port 524.
Novell Edirectory 8.8.6
Novell Edirectory 8.8.5
7.5
CVSSv3
CVE-2017-5186
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x prior to 3.0.2.1, Novell eDirectory 8.8.x prior to 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x prior to 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.
Netiq Edirectory 9.0
Netiq Imanager 3.0.1
Novell Imanager
Netiq Imanager 3.0
Netiq Edirectory 9.0.2
Netiq Edirectory 9.0.1
Netiq Imanager 3.0.2
Novell Edirectory
7.5
CVSSv3
CVE-2016-9166
NetIQ eDirectory versions before 9.0.2, under some circumstances, could be susceptible to downgrade of communication security.
Microfocus Netiq Edirectory
Microfocus Netiq Edirectory 9.0
NA
CVE-2014-5212
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory prior to 8.8 SP8 Patch 4 allows remote malicious users to inject arbitrary web script or HTML via the rdn parameter.
Novell Edirectory
NA
CVE-2014-5213
nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory prior to 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.
Novell Edirectory
NA
CVE-2008-4480
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.x prior to 8.8.3, and 8.7.3 prior to 8.7.3.10 ftf1, allows remote malicious users to execute arbitrary code via a crafted Netware Core Protocol opcode 0x24 message that triggers a calculation error that under-allocate...
Novell Edirectory
7.5
CVSSv3
CVE-2016-9167
NDSD in Novell eDirectory prior to 9.0.2 did not calculate ACLs on LDAP objects across partition boundaries correctly, which could lead to a privilege escalation by modifying user attributes that would otherwise be filtered by an ACL.
Novell Edirectory
6.5
CVSSv3
CVE-2016-9168
A missing X-Frame-Options header in the NDS Utility Monitor in NDSD in Novell eDirectory prior to 9.0.2 could be used by remote attackers for clickjacking.
Novell Edirectory
NA
CVE-2008-4479
Heap-based buffer overflow in dhost.exe in Novell eDirectory 8.8 prior to 8.8.3, and 8.7.3 prior to 8.7.3.10 ftf1, allows remote malicious users to execute arbitrary code via a SOAP request with a long Accept-Language header.
Novell Edirectory
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »