Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
groupwise vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2002-0303
GroupWise 6, when using LDAP authentication and when Post Office has a blank username and password, allows malicious users to gain privileges of other users by logging in without a password.
Novell Groupwise 6.0
5
CVSSv2
CVE-2002-0341
GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote malicious users to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter.
Novell Groupwise 5.5
5
CVSSv2
CVE-2011-2219
Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote malicious users to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2218.
Novell Groupwise 8.0
10
CVSSv2
CVE-2007-2171
Stack-based buffer overflow in the base64_decode function in GWINTER.exe in Novell GroupWise (GW) WebAccess prior to 7.0 SP2 allows remote malicious users to execute arbitrary code via long base64 content in an HTTP Basic Authentication request.
Novell Groupwise 7.0
4.3
CVSSv2
CVE-2016-9169
A reflected XSS vulnerability exists in the web console of the Document Viewer Agent in Novell GroupWise prior to 2014 R2 Support Pack 1 Hot Patch 2 that may enable a remote malicious user to execute JavaScript in the context of a valid user's browser session by getting the ...
Novell Groupwise 2014
10
CVSSv2
CVE-2011-2663
Array index error in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote malicious users to execute arbitrary code via a crafted yearly RRULE variable in a VCALENDAR attachment in an e-mail message.
Novell Groupwise 8.0
7.8
CVSSv2
CVE-2014-0600
FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote malicious users to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.
Novell Groupwise 2014
4.3
CVSSv2
CVE-2010-2779
Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 8.x prior to 8.0 SP2 allows remote malicious users to inject arbitrary web script or HTML via a crafted message, related to "replies."
Novell Groupwise 8.0
5
CVSSv2
CVE-2001-1232
GroupWise WebAccess 5.5 with directory indexing enabled allows a remote malicious user to view arbitrary directory contents via an HTTP request with a lowercase "get".
Novell Groupwise 5.5
7.5
CVSSv2
CVE-2005-2346
Buffer overflow in Novell GroupWise 6.5 Client allows remote malicious users to execute arbitrary code via a GWVW02xx.INI language file with a long entry, as demonstrated using a long ES02TKS.VEW value in the Group Task section.
Novell Groupwise 6.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »