VYPR

Imanager

by Novell

CVEs (33)

  • CVE-2024-3968May 15, 2024
    risk 0.00cvss epss 0.01

    Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can trigger remote code execution using custom file upload task.

  • CVE-2024-3970May 15, 2024
    risk 0.00cvss epss 0.01

    Server Side Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to senstive information disclosure by directory traversal.

  • CVE-2022-38758Jan 25, 2023
    risk 0.00cvss epss 0.00

    Cross-site Scripting (XSS) vulnerability in NetIQ iManager prior to version 3.2.6 allows attacker to execute malicious scripts on the user's browser. This issue affects: Micro Focus NetIQ iManager NetIQ iManager versions prior to 3.2.6 on ALL.

  • CVE-2018-17949Dec 12, 2018
    risk 0.00cvss epss 0.01

    Cross site scripting vulnerability in iManager prior to 3.1 SP2.

  • CVE-2013-3268Apr 24, 2013
    risk 0.00cvss epss 0.02

    Novell iManager 2.7 before SP6 Patch 1 does not refresh a token after a logout action, which has unspecified impact and remote attack vectors.

  • CVE-2013-1088Apr 24, 2013
    risk 0.00cvss epss 0.01

    Cross-site request forgery (CSRF) vulnerability in Novell iManager 2.7 before SP6 Patch 1 allows remote attackers to hijack the authentication of arbitrary users by leveraging improper request validation by iManager code deployed within an Apache Tomcat container.

  • CVE-2011-4188Apr 9, 2012
    risk 0.00cvss epss 0.02

    Buffer overflow in the Create Attribute function in jclient in Novell iManager 2.7.4 before patch 4 allows remote authenticated users to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted EnteredAttrName parameter, a related…

  • CVE-2009-4486Jan 8, 2010
    risk 0.00cvss epss 0.04

    Stack-based buffer overflow in the eDirectory plugin in Novell iManager before 2.7.3 allows remote attackers to execute arbitrary code via vectors that trigger long arguments to an unspecified sub-application, related to importing and exporting from a schema.

  • CVE-2008-3488Aug 6, 2008
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in Novell iManager before 2.7 SP1 (2.7.1) allows remote attackers to delete Plug-in Studio created Property Book Pages via unknown vectors.

  • CVE-2006-4517Nov 1, 2006
    risk 0.00cvss epss 0.03

    Novell iManager 2.5 and 2.0.2 allows remote attackers to cause a denial of service (crash) in the Tomcat server via a long TREE parameter in an HTTP POST, which triggers a NULL pointer dereference.

  • CVE-2005-1730Dec 31, 2005
    risk 0.00cvss epss 0.05

    Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allows remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this issue might overlap…

  • CVE-2002-1283Nov 29, 2002
    risk 0.00cvss epss 0.02

    Buffer overflow in Novell iManager (eMFrame) before 1.5 allows remote attackers to cause a denial of service via an authentication request with a long Distinguished Name (DN) attribute.

  • CVE-2002-1002Oct 4, 2002
    risk 0.00cvss epss 0.02

    Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote attackers to cause a denial of service (crash) via a long user name.

Page 2 of 2