Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
groupwise vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-38756
A vulnerability has been identified in Micro Focus GroupWise Web in versions before 18.4.2. The GW Web component makes a request to the Post Office Agent that contains sensitive information in the query parameters that could be logged by any intervening HTTP proxies.
Microfocus Groupwise
578
VMScore
CVE-2018-12468
A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attacker authenticated as an administrator to upload files to an arbitrary path on the server. In certain circumstances this could result in remote code execution.
Microfocus Groupwise
383
VMScore
CVE-2016-5760
Multiple cross-site scripting (XSS) vulnerabilities in the administrator console in Novell GroupWise prior to 2014 R2 Service Pack 1 Hot Patch 1 allow remote malicious users to inject arbitrary web script or HTML via the (1) token parameter to gwadmin-console/install/login.jsp or...
Novell Groupwise
Novell Groupwise 2014
383
VMScore
CVE-2016-5761
Cross-site scripting (XSS) vulnerability in Novell GroupWise prior to 2014 R2 Service Pack 1 Hot Patch 1 allows remote malicious users to inject arbitrary web script or HTML via a crafted email.
Novell Groupwise
Novell Groupwise 2014
668
VMScore
CVE-2016-5762
Integer overflow in the Post Office Agent in Novell GroupWise prior to 2014 R2 Service Pack 1 Hot Patch 1 might allow remote malicious users to execute arbitrary code via a long (1) username or (2) password, which triggers a heap-based buffer overflow.
Novell Groupwise
Novell Groupwise 2014
383
VMScore
CVE-2016-9169
A reflected XSS vulnerability exists in the web console of the Document Viewer Agent in Novell GroupWise prior to 2014 R2 Support Pack 1 Hot Patch 2 that may enable a remote malicious user to execute JavaScript in the context of a valid user's browser session by getting the ...
Novell Groupwise 2014
383
VMScore
CVE-2014-0611
Multiple cross-site scripting (XSS) vulnerabilities in WebAccess in Novell GroupWise 2012 before Support Pack 4 and 2014 before Support Pack 2 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Novell Groupwise
890
VMScore
CVE-2014-0610
The client in Novell GroupWise prior to 8.0.3 HP4, 2012 before SP3, and 2014 before SP1 on Windows allows remote malicious users to execute arbitrary code or cause a denial of service (invalid pointer dereference) via unspecified vectors.
Novell Groupwise 2012
Novell Groupwise
Novell Groupwise 8.02
Novell Groupwise 8.01
Novell Groupwise 8.03
Novell Groupwise 8.00
Novell Groupwise 2014
Novell Groupwise 8.0
694
VMScore
CVE-2014-0600
FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote malicious users to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.
Novell Groupwise 2014
445
VMScore
CVE-2014-1467
BlackBerry Enterprise Service 10 prior to 10.2.1, Universal Device Service 6, Enterprise Server Express for Domino up to and including 5.0.4, Enterprise Server Express for Exchange up to and including 5.0.4, Enterprise Server for Domino up to and including 5.0.4 MR6, Enterprise S...
Blackberry Enterprise Server
Blackberry Blackberry Universal Device Service 6.0
Blackberry Blackberry Enterprise Service 10.2.0
Blackberry Enterprise Server Express
Blackberry Blackberry Enterprise Service 10.1.0
Blackberry Blackberry Enterprise Service 10.0
Blackberry Blackberry Enterprise Service 10.1.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »