Novell

Zenworks Configuration Management

35 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2015-0779

  • EPSS 80.15%
  • Published 07.06.2015 23:59:04
  • Last modified 12.04.2025 10:46:40

Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WA...

10

CVE-2010-5324

Exploit
  • EPSS 74.07%
  • Published 07.06.2015 23:59:01
  • Last modified 12.04.2025 10:46:40

Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a zenworks-fileupload request with a crafted ...

10

CVE-2010-5323

Exploit
  • EPSS 18.22%
  • Published 07.06.2015 23:59:00
  • Last modified 12.04.2025 10:46:40

Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a crafted WAR pathname in the filename parame...

10

CVE-2014-7169

Warning Exploit
  • EPSS 90.11%
  • Published 25.09.2014 01:55:04
  • Last modified 12.04.2025 10:46:40

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted enviro...

10

CVE-2014-6271

Warning Exploit
  • EPSS 94.22%
  • Published 24.09.2014 18:48:04
  • Last modified 12.04.2025 10:46:40

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceComman...

5

CVE-2013-3706

  • EPSS 47.55%
  • Published 06.03.2014 11:55:04
  • Last modified 12.04.2025 10:46:40

Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update pathname, aka ZDI-CAN-1595.

6.8

CVE-2013-6347

  • EPSS 2.4%
  • Published 02.11.2013 20:55:04
  • Last modified 11.04.2025 00:51:21

Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors.

6.8

CVE-2013-6346

  • EPSS 0.9%
  • Published 02.11.2013 20:55:03
  • Last modified 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

10

CVE-2013-6345

  • EPSS 0.23%
  • Published 02.11.2013 20:55:03
  • Last modified 11.04.2025 00:51:21

Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception."

4.3

CVE-2013-6344

  • EPSS 0.59%
  • Published 02.11.2013 20:55:03
  • Last modified 11.04.2025 00:51:21

The ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows attackers to conduct cross-frame scripting attacks via unknown vectors.