Filtered by vendor Netiq
Subscribe
Total
68 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-5757 | 1 Netiq | 1 Access Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
| iManager Admin Console in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 was vulnerable to iFrame manipulation attacks, which could allow remote users to gain access to authentication credentials. | |||||
| CVE-2015-0787 | 1 Netiq | 1 Identity Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the accessMgrDN value of the forgotUser.do CGI. | |||||
| CVE-2016-1605 | 1 Netiq | 1 Sentinel | 2023-12-10 | 6.8 MEDIUM | 6.5 MEDIUM |
| Directory traversal vulnerability in the ReportViewServlet servlet in the server in NetIQ Sentinel 7.4.x before 7.4.2 allows remote attackers to read arbitrary files via a PREVIEW value for the fileType field. | |||||
| CVE-2016-1592 | 1 Netiq | 1 Identity Manager | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS in NetIQ Designer for Identity Manager before 4.5.3 allows remote attackers to inject arbitrary HTML code via the nrfEntitlementReport.do CGI. | |||||
| CVE-2014-4509 | 1 Netiq | 1 Identity Manager | 2023-12-10 | 4.6 MEDIUM | N/A |
| The MKDQUOTESAFE function in the Fan-out driver scripts in Fan-Out Platform Services in Novell Identity Manager (aka IDM) 4.0.2 allows local users to execute arbitrary commands by leveraging eDirectory POSIX attribute changes to insert shell metacharacters. | |||||
| CVE-2006-4803 | 1 Netiq | 1 Identity Manager | 2023-12-10 | 7.2 HIGH | N/A |
| The Fan-Out Linux and UNIX receiver scripts in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors involving certain environment variables and "code injection." | |||||
| CVE-2007-4526 | 2 Netiq, Novell | 2 Identity Manager, Client Login Extension \(cle\) | 2023-12-10 | 2.1 LOW | N/A |
| The Client Login Extension (CLE) in Novell Identity Manager before 3.5.1 20070730 stores the username and password in a local file, which allows local users to obtain sensitive information by reading this file. | |||||
| CVE-2006-4506 | 1 Netiq | 1 Identity Manager | 2023-12-10 | 3.6 LOW | N/A |
| idmlib.sh in nxdrv in Novell Identity Manager (IDM) 3.0.1 allows local users to execute arbitrary commands via unspecified vectors, possibly involving the " (quote) and \ (backslash) characters and eval injection. | |||||