Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zenworks configuration management vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2011-3175
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote malicious users to execute arbitrary code via an opcode 0x6c request.
Novell Zenworks Configuration Management 11.1
Novell Zenworks Configuration Management 11.1a
2 EDB exploits
10
CVSSv2
CVE-2011-3176
Stack-based buffer overflow in the Preboot Service in Novell ZENworks Configuration Management (ZCM) 11.1 and 11.1a allows remote malicious users to execute arbitrary code via an opcode 0x4c request.
Novell Zenworks Configuration Management 11.1a
Novell Zenworks Configuration Management 11.1
2 EDB exploits
10
CVSSv2
CVE-2013-1080
The web server in Novell ZENworks Configuration Management (ZCM) 10.3 and 11.2 prior to 11.2.4 does not properly perform authentication for zenworks/jsp/index.jsp, which allows remote malicious users to conduct directory traversal attacks, and consequently upload and execute arbi...
Novell Zenworks Configuration Management 10.3
Novell Zenworks Configuration Management 11.2
1 EDB exploit
4.3
CVSSv2
CVE-2012-6344
Novell ZENworks Configuration Management prior to 11.2.4 allows XSS.
Novell Zenworks Configuration Management
5
CVSSv2
CVE-2012-6345
Novell ZENworks Configuration Management prior to 11.2.4 allows obtaining sensitive trace information.
Novell Zenworks Configuration Management
7.5
CVSSv2
CVE-2015-0780
SQL injection vulnerability in the GetReRequestData method of the GetStoredResult class in Novell ZENworks Configuration Management (ZCM) allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Novell Zenworks Configuration Management -
7.5
CVSSv2
CVE-2015-0781
Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks Configuration Management (ZCM) allows remote malicious users to upload and execute arbitrary files via unspecified vectors.
Novell Zenworks Configuration Management -
7.5
CVSSv2
CVE-2015-0782
SQL injection vulnerability in the ScheduleQuery method of the schedule class in Novell ZENworks Configuration Management (ZCM) allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Novell Zenworks Configuration Management -
5
CVSSv2
CVE-2015-0784
Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows remote malicious users to obtain Session IDs of logged in users via a value of ShowLogins for the maintenance variable.
Novell Zenworks Configuration Management -
5
CVSSv2
CVE-2015-0785
com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZENworks Configuration Management (ZCM) allows remote malicious users to read arbitrary folders via the dirname variable.
Novell Zenworks Configuration Management -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »