Every CVE whose affected-product data names Novell Netware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (71)
CVE-2003-1595 — CVSS 10.0 (critical): NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified…
CVE-2010-2351 — CVSS 10.0 (critical): Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remote attackers to…
CVE-1999-1086 — CVSS 10.0 (critical): Novell 5 and earlier, when running over IPX with a packet signature level less than 3, allows remote attackers to gain administrator…
CVE-2004-2734 — CVSS 10.0 (critical): webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag…
CVE-2010-4227 — CVSS 10.0 (critical): The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to cause a denial of service (abend) or…
CVE-2008-5696 — CVSS 9.3 (critical): Novell NetWare 6.5 before Support Pack 8, when an OES2 Linux server is installed into the NDS tree, does not require a password for the…
CVE-2010-4228 — CVSS 9.0 (critical): Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows remote authenticated users to execute…
CVE-2010-0317 — CVSS 7.8 (high): Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereference, memory consumption, ABEND, and…
CVE-2003-1594 — CVSS 7.5 (high): NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote…
CVE-2002-2096 — CVSS 7.5 (high): Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary…
CVE-2003-0976 — CVSS 7.5 (high): NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are…
CVE-2003-1150 — CVSS 7.5 (high): Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote…
CVE-2007-6735 — CVSS 7.5 (high): NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the…
CVE-2003-1593 — CVSS 7.5 (high): NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which…
CVE-1999-1020 — CVSS 7.5 (high): The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers…
CVE-2003-1596 — CVSS 7.5 (high): NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway…
CVE-2005-4887 — CVSS 7.5 (high): NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to…
CVE-2011-4191 — CVSS 7.5 (high): Stack-based buffer overflow in the xdrDecodeString function in XNFS.NLM in Novell NetWare 6.5 SP8 allows remote attackers to execute…
CVE-2002-1436 — CVSS 7.5 (high): The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary Perl code via an HTTP POST…
CVE-2000-1245 — CVSS 7.5 (high): Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to…
CVE-2000-0257 — CVSS 7.5 (high): Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands…
CVE-2002-1413 — CVSS 7.5 (high): RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ…
CVE-2000-0600 — CVSS 7.5 (high): Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a…
CVE-1999-1382 — CVSS 7.2 (high): NetWare NFS mode 1 and 2 implements the "Read Only" flag in Unix by changing the ownership of a file to root, which allows local users to…
CVE-2006-6675 — CVSS 6.8 (medium): Cross-site scripting (XSS) vulnerability in Novell NetWare 6.5 Support Pack 5 and 6 and Novell Apache on NetWare 2.0.48 allows remote…
CVE-2010-0625 — CVSS 6.5 (medium): Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 through 6.5 SP8 allows remote…
CVE-2006-2327 — CVSS 6.4 (medium): Multiple integer overflows in the DPRPC library (DPRPCNLM.NLM) NDPS/iPrint module in Novell Distributed Print Services in Novell NetWare…
CVE-2005-4888 — CVSS 5.0 (medium): NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale…
CVE-1999-0470 — CVSS 5.0 (medium): A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted.
CVE-1999-0805 — CVSS 5.0 (medium): Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a…
CVE-1999-0929 — CVSS 5.0 (medium): Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of…
CVE-2000-0669 — CVSS 5.0 (medium): Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data.
CVE-2001-1233 — CVSS 5.0 (medium): Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (NDS) enabled allows remote attackers to…
CVE-2001-1580 — CVSS 5.0 (medium): Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files…
CVE-2001-1587 — CVSS 5.0 (medium): NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous…
CVE-2002-0791 — CVSS 5.0 (medium): Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to…
CVE-2002-0929 — CVSS 5.0 (medium): Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests.
CVE-2002-0930 — CVSS 5.0 (medium): Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service…
CVE-2002-1417 — CVSS 5.0 (medium): Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and…
CVE-2002-1418 — CVSS 5.0 (medium): Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1…
CVE-2002-1437 — CVSS 5.0 (medium): Directory traversal vulnerability in the web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to read…
CVE-2002-1438 — CVSS 5.0 (medium): The web handler for Perl 5.003 on Novell NetWare 5.1 and NetWare 6 allows remote attackers to obtain Perl version information via the -v…
CVE-2002-1634 — CVSS 5.0 (medium): Novell NetWare 5.1 installs sample applications that allow remote attackers to obtain sensitive information via (1) ndsobj.nlm, (2)…
CVE-2002-2432 — CVSS 5.0 (medium): Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of…
CVE-2002-2434 — CVSS 5.0 (medium): NWFTPD.nlm before 5.02i in the FTP server in Novell NetWare does not properly listen for data connections, which allows remote attackers to…
CVE-2003-0562 — CVSS 5.0 (medium): Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND)…
CVE-2003-1592 — CVSS 5.0 (medium): Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to…
CVE-2004-2104 — CVSS 5.0 (medium): Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to obtain sensitive server information, including the internal IP…
CVE-2004-2105 — CVSS 5.0 (medium): The webacc servlet in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to read arbitrary .htt files via a full…
CVE-2004-2106 — CVSS 5.0 (medium): Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to list directories via a direct request to (1) /com/, (2)…
CVE-2005-0819 — CVSS 5.0 (medium): The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct…
CVE-2005-1060 — CVSS 5.0 (medium): Unknown vulnerability in the TCP/IP functionality (TCPIP.NLM) in Novell Netware 6.x allows remote attackers to cause a denial of service…
CVE-2005-2852 — CVSS 5.0 (medium): Unknown vulnerability in CIFS.NLM in Novell Netware 6.5 SP2 and SP3, 5.1, and 6.0 allows remote attackers to cause a denial of service…
CVE-2006-0997 — CVSS 5.0 (medium): The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key…
CVE-2006-0998 — CVSS 5.0 (medium): The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher…
CVE-2006-0999 — CVSS 5.0 (medium): The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server…
CVE-2006-1322 — CVSS 5.0 (medium): Novell Netware NWFTPD 5.06.05 allows remote attackers to cause a denial of service (ABEND) via an MDTM command that uses a long path for…
CVE-1999-1320 — CVSS 4.6 (medium): Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing.
CVE-2002-1772 — CVSS 4.6 (medium): Novell Netware 5.0 through 5.1 may allow local users to gain "Domain Admin" rights by logging into a Novell Directory Services (NDS)…
CVE-1999-1215 — CVSS 4.6 (medium): LOGIN.EXE program in Novell Netware 4.0 and 4.01 temporarily writes user name and password information to disk, which could allow local…
CVE-2004-2103 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Novell NetWare Enterprise Web Server 5.1 and 6.0 allows remote attackers to process arbitrary…
CVE-2004-2767 — CVSS 4.3 (medium): NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a…
CVE-2003-1591 — CVSS 4.3 (medium): NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of…
CVE-2002-2433 — CVSS 4.0 (medium): NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a…
CVE-2006-2185 — CVSS 4.0 (medium): PORTAL.NLM in Novell Netware 6.5 SP5 writes the username and password in cleartext to the abend.log log file when the groupOperationsMethod…
CVE-2007-6734 — CVSS 4.0 (medium): NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction…
CVE-2000-1246 — CVSS 3.5 (low): NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend)…
CVE-2002-2083 — CVSS 2.1 (low): The Novell Netware client running on Windows 95 allows local users to bypass the login and open arbitrary files via the "What is this?"…
CVE-2004-2414 — CVSS 2.1 (low): Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes…