Show filters
73 Total Results
Displaying 21-30 of 73
Sort by:
Attacker Value
Unknown

CVE-2016-5747

Disclosure Date: March 23, 2017 (last updated November 08, 2023)
A security vulnerability in cookie handling in the http stack implementation in NDSD in Novell eDirectory before 9.0.1 allows remote attackers to bypass intended access restrictions by leveraging predictable cookies.
0
0
Attacker Value
Unknown

CVE-2014-5212

Disclosure Date: December 19, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in nds/search/data in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote attackers to inject arbitrary web script or HTML via the rdn parameter.
0
0
Attacker Value
Unknown

CVE-2014-5213

Disclosure Date: December 19, 2014 (last updated October 05, 2023)
nds/files/opt/novell/eDirectory/lib64/ndsimon/public/images in iMonitor in Novell eDirectory before 8.8 SP8 Patch 4 allows remote authenticated users to obtain sensitive information from process memory via a direct request.
0
0
Attacker Value
Unknown

CVE-2012-0430

Disclosure Date: December 25, 2012 (last updated October 05, 2023)
Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors.
0
0
Attacker Value
Unknown

CVE-2012-0432

Disclosure Date: December 25, 2012 (last updated October 05, 2023)
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.
0
0
Attacker Value
Unknown

CVE-2012-0429

Disclosure Date: December 25, 2012 (last updated October 05, 2023)
dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request.
0
0
Attacker Value
Unknown

CVE-2012-0428

Disclosure Date: December 25, 2012 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2010-4862

Disclosure Date: October 05, 2011 (last updated October 04, 2023)
SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in an item action to index.php.
0
0
Attacker Value
Unknown

CVE-2010-4327

Disclosure Date: February 10, 2011 (last updated October 04, 2023)
Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524.
0
0
Attacker Value
Unknown

CVE-2009-4655

Disclosure Date: February 26, 2010 (last updated October 04, 2023)
The dhost web service in Novell eDirectory 8.8.5 uses a predictable session cookie, which makes it easier for remote attackers to hijack sessions via a modified cookie.
0
0
View More Topics  < Previous  Next >