Novell

Zenworks Configuration Management

35 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2015-0779

  • EPSS 80.15%
  • Veröffentlicht 07.06.2015 23:59:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in UploadServlet in Novell ZENworks Configuration Management (ZCM) 10 and 11 before 11.3.2 allows remote attackers to execute arbitrary code via a crafted directory name in the uid parameter, in conjunction with a WA...

10

CVE-2010-5324

Exploit
  • EPSS 74.07%
  • Veröffentlicht 07.06.2015 23:59:01
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a zenworks-fileupload request with a crafted ...

10

CVE-2010-5323

Exploit
  • EPSS 18.22%
  • Veröffentlicht 07.06.2015 23:59:00
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in UploadServlet in the Remote Management component in Novell ZENworks Configuration Management (ZCM) 10 before 10.3 allows remote attackers to execute arbitrary code via a crafted WAR pathname in the filename parame...

10

CVE-2014-7169

Warnung Exploit
  • EPSS 90.11%
  • Veröffentlicht 25.09.2014 01:55:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted enviro...

10

CVE-2014-6271

Warnung Exploit
  • EPSS 94.22%
  • Veröffentlicht 24.09.2014 18:48:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceComman...

5

CVE-2013-3706

  • EPSS 47.55%
  • Veröffentlicht 06.03.2014 11:55:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

Directory traversal vulnerability in the PreBoot service in Novell ZENworks Configuration Management (ZCM) 11.2 allows remote attackers to read arbitrary files via a .. (dot dot) in a preboot update pathname, aka ZDI-CAN-1595.

6.8

CVE-2013-6347

  • EPSS 2.4%
  • Veröffentlicht 02.11.2013 20:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Session fixation vulnerability in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack web sessions via unspecified vectors.

6.8

CVE-2013-6346

  • EPSS 0.9%
  • Veröffentlicht 02.11.2013 20:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Cross-site request forgery (CSRF) vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

10

CVE-2013-6345

  • EPSS 0.23%
  • Veröffentlicht 02.11.2013 20:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 has unknown impact and attack vectors related to an "Application Exception."

4.3

CVE-2013-6344

  • EPSS 0.59%
  • Veröffentlicht 02.11.2013 20:55:03
  • Zuletzt bearbeitet 11.04.2025 00:51:21

The ZCC page in Novell ZENworks Configuration Management (ZCM) before 11.2.4 allows attackers to conduct cross-frame scripting attacks via unknown vectors.