Novell Zenworks_configuration_management
31 CVEs affecting Novell Zenworks_configuration_management. Latest disclosed: 2017-08-09. Critical: 4, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2015-0786 | Critical | 9.8 | 2017-08-09 | Stack-based buffer overflow in the logging functionality in the Preboot Policy service in Novell ZENworks Configuration Management (ZCM) allows remote attacker… |
CVE-2015-0782 | Critical | 9.8 | 2017-08-09 | SQL injection vulnerability in the ScheduleQuery method of the schedule class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to exec… |
CVE-2015-0781 | Critical | 9.8 | 2017-08-09 | Directory traversal vulnerability in the doPost method of the Rtrlet class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to upload… |
CVE-2015-0780 | Critical | 9.8 | 2017-08-09 | SQL injection vulnerability in the GetReRequestData method of the GetStoredResult class in Novell ZENworks Configuration Management (ZCM) allows remote attacke… |
CVE-2015-0785 | High | 7.5 | 2017-08-09 | com.novell.zenworks.inventory.rtr.actionclasses.wcreports in Novell ZENworks Configuration Management (ZCM) allows remote attackers to read arbitrary folders v… |
CVE-2015-0784 | High | 7.5 | 2017-08-09 | Rtrlet.class in Novell ZENworks Configuration Management (ZCM) allows remote attackers to obtain Session IDs of logged in users via a value of ShowLogins for t… |
CVE-2015-0783 | Medium | 6.5 | 2017-08-09 | The FileViewer class in Novell ZENworks Configuration Management (ZCM) allows remote authenticated users to read arbitrary files via the filename variable. |
CVE-2015-5970 | Medium | 5.3 | 2016-02-18 | The ChangePassword RPC method in Novell ZENworks Configuration Management (ZCM) 11.3 and 11.4 allows remote attackers to conduct XPath injection attacks, and r… |
CVE-2015-0779 | | 2015-06-07 | Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute… | |
CVE-2010-5324 | | 2015-06-07 | Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows r… | |
CVE-2010-5323 | | 2015-06-07 | Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows r… | |
CVE-2013-3706 | | 2014-03-06 | Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files… | |
CVE-2013-6347 | | 2013-11-02 | Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified v… | |
CVE-2013-6346 | | 2013-11-02 | Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hija… | |
CVE-2013-6345 | | 2013-11-02 | Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "… | |
CVE-2013-6344 | | 2013-11-02 | The ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows attackers to conduct cross-frame scripting attacks via unknown vectors. | |
CVE-2013-1084 | | 2013-11-02 | Directory traversal vulnerability in the GetFle method in the umaninv service in Novell ZENworks Configuration Management (ZCM) 11.2.3 allows remote attackers… | |
CVE-2013-1097 | | 2013-06-17 | Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allow… | |
CVE-2013-1095 | | 2013-06-17 | Cross-site scripting (XSS) vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1 allow… | |
CVE-2013-1094 | | 2013-06-17 | Cross-site scripting (XSS) vulnerability in a ZCC page in zenworks-core in Novell ZENworks Configuration Management (ZCM) 11.2 before 11.2.3a Monthly Update 1… |