Novell Open Enterprise Server — known CVE vulnerabilities
Every CVE whose affected-product data names Novell Open Enterprise Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2014-0609 — CVSS 10.0 (critical): Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before…
CVE-2014-0598 — CVSS 10.0 (critical): Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has…
CVE-2006-0736 — CVSS 10.0 (critical): Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1…
CVE-2008-5021 — CVSS 9.3 (critical): nsFrameManager in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13…
CVE-2013-2016 — CVSS 7.8 (high): A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device…
CVE-2009-0115 — CVSS 7.8 (high): The Device Mapper multipathing driver (aka multipath-tools or device-mapper-multipath) 0.4.8, as used in SUSE openSUSE, SUSE Linux…
CVE-2017-5182 — CVSS 7.5 (high): Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted…
CVE-2005-3655 — CVSS 7.5 (high): Heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) in Novell SUSE Linux Enterprise Server 9 allows…
CVE-2011-4194 — CVSS 7.5 (high): Buffer overflow in Novell iPrint Server in Novell Open Enterprise Server 2 (OES2) through SP3 on Linux allows remote attackers to execute…
CVE-2006-0999 — CVSS 5.0 (medium): The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) allows a client to force the server…
CVE-2006-0997 — CVSS 5.0 (medium): The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key…
CVE-2006-0998 — CVSS 5.0 (medium): The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher…
CVE-2009-0611 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in qfsearch/AdminServlet in QuickFinder Server in Novell Open Enterprise Server 1.x…
CVE-2013-3707 — CVSS 4.3 (medium): The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise Server 2 (OES 2) Linux, and OES 11 Linux…
CVE-2014-0599 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux…
CVE-2014-0595 — CVSS 2.6 (low): /opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a…
CVE-2005-1767 — CVSS 2.1 (low): traps.c in the Linux kernel 2.6.x and 2.4.x executes stack segment faults on an exception stack, which allows local users to cause a denial…
CVE-2005-1761 — CVSS 2.1 (low): Linux kernel 2.6 and 2.4 on the IA64 architecture allows local users to cause a denial of service (kernel crash) via ptrace and the…