21 matches found
EUVD-2013-6171
Malware in sbrugna...
EUVD-2013-1135
Malware in sbrugna...
EUVD-2013-6170
Malware in sbrugna...
CVE-2013-6345
Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management ZCM before 11.2.4 has unknown impact and attack vectors related to an "Application Exception."...
CVE-2024-23462 ZCC Mac validinstaller file integrity check missing
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS allows a denial of service of the Client Connector binary and thus removing client functionality.This issue affects Client Connector on MacOS: before 3.4...
CVE-2024-23462 ZCC Mac validinstaller file integrity check missing
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS allows a denial of service of the Client Connector binary and thus removing client functionality.This issue affects Client Connector on MacOS: before 3.4...
CVE-2024-23461 ZCC macOS Upgrade ZIP Bomb DoS
An Improper Validation of Integrity Check Value vulnerability in Zscaler Client Connector on MacOS during the upgrade process may allow a Local Execution of Code.This issue affects Client Connector on MacOS: before 3.4...
CVE-2023-41971 Windows ZCC Upgrade DoS And Privilege Escalation Through RPC Control
An Improper Link Resolution Before File Access 'Link Following' vulnerability in Zscaler Client Connector on Windows allows a system file to be overwritten.This issue affects Client Connector on Windows: before 3.7...
CVE-2023-28803 Traffic being bypassed by ZCC by configuring synthetic IP range as local network
An authentication bypass by spoofing of a device with a synthetic IP address is possible in Zscaler Client Connector on Windows, allowing a functionality bypass. This issue affects Client Connector: before 3.9...
CVE-2013-6346
Cross-site request forgery CSRF vulnerability in the ZCC page in Novell ZENworks Configuration Management ZCM before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the ZCC page in Novell ZENworks Configuration Management ZCM before 11.2.4 has unknown impact and attack vectors related to an "Application Exception."...
Cross site scripting
The ZCC page in Novell ZENworks Configuration Management ZCM before 11.2.4 allows attackers to conduct cross-frame scripting attacks via unknown vectors...
CVE-2013-6346
Cross-site request forgery CSRF vulnerability in the ZCC page in Novell ZENworks Configuration Management ZCM before 11.2.4 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...
CVE-2013-1097
Cross-site scripting XSS vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management ZCM 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onload event...
Cross site scripting
Cross-site scripting XSS vulnerability in a ZCC page in zenworks-core in Novell ZENworks Configuration Management ZCM 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via an invalid locale...
Cross site scripting
Cross-site scripting XSS vulnerability in a ZCC page in njwc.jar in Novell ZENworks Configuration Management ZCM 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via vectors involving an onload event...
Open redirect
Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management ZCM 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the directToPage...
CVE-2013-1093
Open redirect vulnerability in the fwdToURL function in the ZCC login page in zcc-framework.jar in Novell ZENworks Configuration Management ZCM 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the directToPage...
CVE-2013-1093
The CVE-2013-1093 entry concerns an open redirect in the ZENworks Configuration Management (ZCM) 11.2 line, specifically the fwdToURL function on the ZENworks Control Center (ZCC) login page (zcc-framework.jar). The root cause is improper validation of the directToPage parameter, enabling remote ...
CVE-2013-1094
Cross-site scripting XSS vulnerability in a ZCC page in zenworks-core in Novell ZENworks Configuration Management ZCM 11.2 before 11.2.3a Monthly Update 1 allows remote attackers to inject arbitrary web script or HTML via an invalid locale...