Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
novell vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2016-1607
Multiple cross-site request forgery (CSRF) vulnerabilities in the administrative interface in Novell Filr prior to 2.0 Security Update 2 allow remote malicious users to hijack the authentication of administrators, as demonstrated by reconfiguring time settings via a vaconfig/time...
Novell Filr
1 EDB exploit
9
CVSSv2
CVE-2016-1608
vaconfig/time in Novell Filr prior to 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the ntpServer parameter.
Novell Filr
1 EDB exploit
3.5
CVSSv2
CVE-2016-1609
Multiple cross-site scripting (XSS) vulnerabilities in Novell Filr prior to 1.2 Security Update 3 and 2.0 before Security Update 2 allow remote authenticated users to inject arbitrary web script or HTML via crafted input, as demonstrated by a crafted attribute of an IMG element i...
Novell Filr
1 EDB exploit
5
CVSSv2
CVE-2016-1610
Directory traversal vulnerability in the email-template feature in Novell Filr prior to 1.2 Security Update 3 and 2.0 before Security Update 2 allows remote malicious users to bypass intended access restrictions and write to arbitrary files via a .. (dot dot) in a blob name.
Novell Filr
1 EDB exploit
7.2
CVSSv2
CVE-2016-1611
Novell Filr 1.2 before Hot Patch 6 and 2.0 before Hot Patch 2 uses world-writable permissions for /etc/profile.d/vainit.sh, which allows local users to gain privileges by replacing this file's content with arbitrary shell commands.
Novell Filr
1 EDB exploit
4.3
CVSSv2
CVE-2016-4955
ntpd in NTP 4.x prior to 4.2.8p8, when autokey is enabled, allows remote malicious users to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
Ntp Ntp 4.2.8
Ntp Ntp
Oracle Solaris 11.3
Oracle Solaris 10
Novell Suse Manager 2.1
Suse Linux Enterprise Server 11
Suse Openstack Cloud 5
Suse Manager Proxy 2.1
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Siemens Simatic Net Cp 443-1 Opc Ua Firmware
5
CVSSv2
CVE-2016-4956
ntpd in NTP 4.x prior to 4.2.8p8 allows remote malicious users to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.
Ntp Ntp 4.2.8
Ntp Ntp
Oracle Solaris 11.3
Oracle Solaris 10
Novell Suse Manager 2.1
Suse Linux Enterprise Server 11
Suse Openstack Cloud 5
Suse Manager Proxy 2.1
Suse Linux Enterprise Server 12
Suse Linux Enterprise Desktop 12
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Siemens Simatic Net Cp 443-1 Opc Ua Firmware
5
CVSSv2
CVE-2016-4957
ntpd in NTP prior to 4.2.8p8 allows remote malicious users to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.
Ntp Ntp 4.2.8
Ntp Ntp 4.3.92
Oracle Solaris 10
Oracle Solaris 11.3
Suse Manager Proxy 2.1
Suse Openstack Cloud 5
Novell Suse Manager 2.1
Opensuse Leap 42.1
Opensuse Opensuse 13.2
Suse Linux Enterprise Desktop 12
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 12
6.8
CVSSv2
CVE-2016-3707
The icmp_check_sysrq function in net/ipv4/icmp.c in the kernel.org projects/rt patches for the Linux kernel, as used in the kernel-rt package prior to 3.10.0-327.22.1 in Red Hat Enterprise Linux for Real Time 7 and other products, allows remote malicious users to execute SysRq co...
Linux Linux Kernel-rt
Redhat Enterprise Linux For Real Time 7
Redhat Enterprise Linux For Real Time For Nfv 7
Novell Suse Linux Enterprise Real Time Extension 12.0
6.8
CVSSv2
CVE-2016-2815
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox prior to 47.0 allow remote malicious users to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
Mozilla Firefox Esr
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 14.04
Novell Suse Linux Enterprise Server 12.0
Novell Suse Linux Enterprise Desktop 12.0
Novell Suse Linux Enterprise Software Development Kit 12.0
Opensuse Leap 42.1
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Mozilla Firefox
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »