Open Enterprise Server@11.0 Security Vulnerabilities and Issues — Open Enterprise Server@11.0 CVE List

Lucene search

NovellOpen Enterprise Server11.0

9 matches found

CVE•added 2014/09/24 6:48 p.m.•2729 views

CVE-2014-6271

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cg...

10CVSS9.9AI score0.9422EPSS

CVE•added 2014/09/25 1:55 a.m.•1238 views

CVE-2014-7169

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the F...

10CVSS8.4AI score0.9422EPSS

CVE•added 2019/12/30 10:15 p.m.•108 views

CVE-2013-2016

A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu addr...

7.8CVSS7.5AI score0.00074EPSS

CVE•added 2014/05/08 10:55 a.m.•54 views

CVE-2014-0595

/opt/novell/ncl/bin/nwrights in Novell Client for Linux in Novell Open Enterprise Server (OES) 11 Linux SP2 does not properly manage a certain array, which allows local users to obtain the S permission in opportunistic circumstances by leveraging the granting of the F permission by an administrator...

2.6CVSS6.3AI score0.00125EPSS

CVE•added 2014/06/18 5:55 p.m.•38 views

CVE-2014-0598

Directory traversal vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux has unspecified impact and remote attack vectors.

10CVSS6.9AI score0.00726EPSS

CVE•added 2017/01/23 3:59 p.m.•38 views

CVE-2017-5182

Remote Manager in Open Enterprise Server (OES) allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for linux, it applies to OE...

7.8CVSS7.4AI score0.00988EPSS

CVE•added 2013/12/01 5:55 p.m.•33 views

CVE-2013-3707

The HTTPSTK service in the novell-nrm package before 2.0.2-297.305.302.3 in Novell Open Enterprise Server 2 (OES 2) Linux, and OES 11 Linux Gold and SP1, does not make the intended SSL_free and SSL_shutdown calls for the close of a TCP connection, which allows remote attackers to cause a denial of ...

4.3CVSS6.8AI score0.02972EPSS

CVE•added 2014/08/17 6:55 p.m.•32 views

CVE-2014-0609

Unspecified vulnerability in Novell Open Enterprise Server (OES) 11 SP1 before Scheduled Maintenance Update 9415 and 11 SP2 before Scheduled Maintenance Update 9413 for Linux has unknown impact and attack vectors.

10CVSS6.8AI score0.00207EPSS

CVE•added 2014/06/18 5:55 p.m.•30 views

CVE-2014-0599

Cross-site scripting (XSS) vulnerability in iPrint in Novell Open Enterprise Server (OES) 11 SP1 before Maintenance Update 9151 on Linux allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.9AI score0.00815EPSS