CVE-2025-3509

A Remote Code Execution RCE vulnerability was identified in GitHub Enterprise Server that allowed attackers to execute arbitrary code by exploiting the pre-receive hook functionality, potentially leading to privilege escalation and system compromise. The vulnerability involves using dynamically...

CVE-2025-3509 Pre-Receive Hook Remote Code Execution vulnerability was identified in GitHub Enterprise Server that allowing Privilege Escalation

A Remote Code Execution RCE vulnerability was identified in GitHub Enterprise Server that allowed attackers to execute arbitrary code by exploiting the pre-receive hook functionality, potentially leading to privilege escalation and system compromise. The vulnerability involves using dynamically...

Vulnerability found in Ivanti Endpoint Manager

A vulnerability has been found in Ivanti Endpoint Manager EPM 2024. Other versions of Ivanti Endpoint Manager are not known to be vulnerable. The vulnerability allows an authenticated attacker who is on the same network to execute arbitrary code via SQL injection. Ivanti has no indication that th...

CVE-2022-0070 Log4j hot patch package privilege escalation

Incomplete fix for CVE-2021-3100. The Apache Log4j hotpatch package starting with log4j-cve-2021-44228-hotpatch-1.1-16 will now explicitly mimic the Linux capabilities and cgroups of the target Java process that the hotpatch is applied to...

CVE-2016-5760

Multiple cross-site scripting XSS vulnerabilities in the administrator console in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allow remote attackers to inject arbitrary web script or HTML via the 1 token parameter to gwadmin-console/install/login.jsp or 2 PATHINFO to...

CVE-2016-5761

Cross-site scripting XSS vulnerability in Novell GroupWise before 2014 R2 Service Pack 1 Hot Patch 1 allows remote attackers to inject arbitrary web script or HTML via a crafted email...

Novell GroupWise Cross-Site Scripting Vulnerability (CNVD-2017-05134)

Novell GroupWise is a collaborative communication system from Novell. The system provides collaborative communication services such as e-mail, scheduling, instant messaging, task management, document management, and contact management.Document Viewer Agent is one of the document viewers. A...

Novell Filr Cross-Site Scripting Vulnerability

Novell Filr is a file access and sharing solution for the enterprise from Novell, USA. A cross-site scripting vulnerability exists in version 1.2 prior to Novell Filr Hot Patch 4. The vulnerability can be exploited by a remote attacker to inject arbitrary web script or HTML via a specially crafte...

CVE-2015-5968

Cross-site scripting XSS vulnerability in Novell Filr 1.2 before Hot Patch 4 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...

Novell GroupWise Client 8.x < 8.0.3 Hot Patch 2 / 2012.x < 2012 SP1 Hot Patch 1 Multiple Vulnerabilities

The version of Novell GroupWise Client installed on the remote Windows host is 8.x prior to 8.0.3 Hot Patch 2 8.0.3.26516 or 2012.x prior to 2012 SP1 Hot Patch 1 12.0.1.16521. It is, therefore, reportedly affected by the following vulnerabilities : - An unspecified error exists related to an...

Novell Groupwise Client 8.0 - Multiple Remote Code Execution Vulnerabilities

Novell Groupwise Client 8.0 - Multiple Remote Code Execution Vulnerabilities source: https://www.securityfocus.com/bid/57657/info Novell Groupwise Client is prone to multiple remote code-execution vulnerabilities. A remote attacker can leverage this issue to execute arbitrary code within the...

CVE-2011-0464

The CVE-2011-0464 entry concerns Novell Vibe OnPrem 3.0 prior to Hot Patch 1, with a remote code execution vulnerability described as unspecified vectors. The NVD record assigns a CVSS v2 base score of 10.0 (HIGH) and indicates network attack with no authentication required, affecting confidentia...

Novell GroupWise Internet Agent e-mail address buffer overflow

Added: 06/05/2009 CVE: CVE-2009-1636 BID: 35064 OSVDB: 54645 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary commands by sending a message containing a specially crafted e-mail address ...

Novell GroupWise Internet Agent e-mail address buffer overflow

Added: 06/05/2009 CVE: CVE-2009-1636 BID: 35064 OSVDB: 54645 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary commands by sending a message containing a specially crafted e-mail address ...

Novell GroupWise Internet Agent e-mail address buffer overflow

Added: 06/05/2009 CVE: CVE-2009-1636 BID: 35064 OSVDB: 54645 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary commands by sending a message containing a specially crafted e-mail address ...

Novell Groupwise Cross Site Scripting

Novell GroupWise Web Access Multiple XSS /============================================\ / SecureState R&D Team - leroy and sasquatch \ / Discovered: 11-24-08, 03-05-09 \ \ Vendor Notified: 01-06-09, 03-05-09 / \ Vendor Publication: 05-21-09 / ============================================/...

Novell GroupWise Messenger HTTP response handling buffer overflow

Added: 07/07/2008 CVE: CVE-2008-2703 BID: 29602 OSVDB: 46041 Background GroupWise Messenger is an instant messaging client for Novell GroupWise. Problem Novell GroupWise is affected by a buffer overflow vulnerability which could allow command execution when the client program processes specially...

CVE-2008-2704

The CVE concerns Novell GroupWise Messenger (GWIM) Client prior to Version 2.0.3 Hot Patch 1, where a long user ID (or crafted server responses) can cause a remote crash (DoS). The issue originates from GWIM’s handling of long IDs and/or certain server responses, and is documented as potentially ...

WINDOWSSERVER2022HOTPATCH:SERVER:GDR:BR:10.0.20348.4294:UnifiedCumulativeUpdate:

This detectoid will be used for targeting Baseline version 10.0.20348.4294 for GDR...