Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
NovellGroupwise

19 matches found

CVE
CVEadded 2000/10/13 4:0 a.m.55 views

CVE-2000-0146

The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet.

5CVSS6.6AI score0.0578EPSS
CVE
CVEadded 2005/08/17 4:0 a.m.53 views

CVE-2005-2620

grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the password in plaintext in memory, which allows attackers to obtain the password using a debugger or another mechanism to read process memory.

5CVSS6.5AI score0.01761EPSS
CVE
CVEadded 2011/01/31 8:0 p.m.53 views

CVE-2010-4715

Multiple directory traversal vulnerabilities in the (1) WebAccess Agent and (2) Document Viewer Agent components in Novell GroupWise before 8.02HP allow remote attackers to read arbitrary files via unspecified vectors. NOTE: some of these details are obtained from third party information.

5CVSS6.9AI score0.03511EPSS
CVE
CVEadded 2005/04/21 4:0 a.m.48 views

CVE-2001-1458

Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character.

5CVSS6.7AI score0.00888EPSS
CVE
CVEadded 2011/10/08 2:52 a.m.48 views

CVE-2011-2218

Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2219.

5CVSS6.7AI score0.01731EPSS
CVE
CVEadded 2006/06/29 5:5 p.m.46 views

CVE-2006-3268

Unspecified vulnerability in the Windows Client API in Novell GroupWise 5.x through 7 might allow users to obtain "random programmatic access" to other email within the same post office.

5CVSS6.3AI score0.00983EPSS
CVE
CVEadded 2000/02/04 5:0 a.m.45 views

CVE-1999-1006

Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter.

5CVSS6.7AI score0.00288EPSS
CVE
CVEadded 2005/02/10 5:0 a.m.45 views

CVE-2005-0296

NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns te...

5CVSS6.2AI score0.00842EPSS
CVE
CVEadded 2001/06/27 4:0 a.m.44 views

CVE-2001-0355

Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbitrary files via an implementation error in Groupwise system policies.

5CVSS7.1AI score0.00426EPSS
CVE
CVEadded 2012/07/05 2:55 p.m.44 views

CVE-2012-0410

Directory traversal vulnerability in WebAccess in Novell GroupWise before 8.03 allows remote attackers to read arbitrary files via the User.interface parameter.

5CVSS6.8AI score0.03832EPSS
CVE
CVEadded 2005/10/04 9:2 p.m.43 views

CVE-2005-2804

Integer overflow in the registry parsing code in GroupWise 6.5.3, and possibly earlier version, allows remote attackers to cause a denial of service (application crash) via a large TCP/IP port in the Windows registry key.

5CVSS7.5AI score0.05299EPSS
CVE
CVEadded 2011/10/08 2:52 a.m.43 views

CVE-2011-2219

Unspecified vulnerability in GroupWise Internet Agent (GWIA) in Novell GroupWise 8.0 before HP3 allows remote attackers to cause a denial of service (daemon crash) via unknown vectors, a different vulnerability than CVE-2011-2218.

5CVSS6.7AI score0.01731EPSS
CVE
CVEadded 2012/09/28 10:40 a.m.43 views

CVE-2012-0419

Directory traversal vulnerability in the agent HTTP interfaces in Novell GroupWise 8.0 before Support Pack 3 and 2012 before Support Pack 1 allows remote attackers to read arbitrary files via directory traversal sequences in a request.

5CVSS6.7AI score0.78808EPSS
CVE
CVEadded 2000/04/25 4:0 a.m.41 views

CVE-1999-1005

Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.

5CVSS6.7AI score0.01704EPSS
CVE
CVEadded 2002/06/25 4:0 a.m.40 views

CVE-2001-1231

GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arbitrary users' mailboxes by extracting usernames and passwords from sniffed network traffic, as addressed by the "Padlock" fix.

5CVSS6.8AI score0.01659EPSS
CVE
CVEadded 2009/11/04 6:30 p.m.40 views

CVE-2009-3863

Buffer overflow in the gxmim1.dll ActiveX control in Novell Groupwise Client 7.0.3.1294 allows remote attackers to cause a denial of service (application crash) via a long argument to the SetFontFace method.

5CVSS6.8AI score0.03815EPSS
CVE
CVEadded 2009/02/03 7:30 p.m.39 views

CVE-2009-0274

Unspecified vulnerability in WebAccess in Novell GroupWise 6.5, 7.0, 7.01, 7.02x, 7.03, 7.03HP1a, and 8.0 might allow remote attackers to obtain sensitive information via a crafted URL, related to conversion of POST requests to GET requests.

5CVSS6.3AI score0.00365EPSS
CVE
CVEadded 2002/05/03 4:0 a.m.38 views

CVE-2001-1232

GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary directory contents via an HTTP request with a lowercase "get".

5CVSS7.1AI score0.00737EPSS
CVE
CVEadded 2002/06/25 4:0 a.m.31 views

CVE-2002-0341

GWWEB.EXE in GroupWise Web Access 5.5, and possibly other versions, allows remote attackers to determine the full pathname of the web server via an HTTP request with an invalid HTMLVER parameter.

5CVSS6.8AI score0.00172EPSS