cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2006-6450,https://securityvulnerability.io/vulnerability/CVE-2006-6450,,Multiple SQL injection vulnerabilities in dagent/downloadreport.asp in Novell ZENworks Patch Management (ZPM) before 6.3.2.700 allow remote attackers to execute arbitrary SQL commands via the (1) agentid and (2) pass parameters.,Novell,Zenworks Patch Management Server,,,0.010769999586045742,false,false,false,false,,false,false,2006-12-10T21:00:00.000Z,0
CVE-2006-3425,https://securityvulnerability.io/vulnerability/CVE-2006-3425,,"FastPatch for (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1, and (b) Novell ZENworks 6.2 SR1 and earlier, does not require authentication for dagent/proxyreg.asp, which allows remote attackers to list, add, or delete PatchLink Distribution Point (PDP) proxy servers via modified (1) List, (2) Proxy, or (3) Delete parameters.",Novell,"Zenworks,Patchlink Update Server",,,0.020349999889731407,false,false,false,false,,false,false,2006-07-07T00:00:00.000Z,0
CVE-2006-3426,https://securityvulnerability.io/vulnerability/CVE-2006-3426,,"Directory traversal vulnerability in (a) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (b) Novell ZENworks 6.2 SR1 and earlier allows remote attackers to overwrite arbitrary files and directories via a .. (dot dot) sequence in the (1) action, (2) agentid, or (3) index parameters to dagent/nwupload.asp, which are used as pathname components.",Novell,"Zenworks,Patchlink Update Server",,,0.008790000341832638,false,false,false,false,,false,false,2006-07-07T00:00:00.000Z,0
CVE-2006-3430,https://securityvulnerability.io/vulnerability/CVE-2006-3430,,"SQL injection vulnerability in checkprofile.asp in (1) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (2) Novell ZENworks 6.2 SR1 and earlier, allows remote attackers to execute arbitrary SQL commands via the agentid parameter.",Novell,"Zenworks,Patchlink Update Server",,,0.01269999984651804,false,false,false,false,,false,false,2006-07-07T00:00:00.000Z,0
CVE-2005-3786,https://securityvulnerability.io/vulnerability/CVE-2005-3786,,"Novell ZENworks for Desktops 4.0.1, ZENworks for Servers 3.0.2, and ZENworks 6.5 Desktop Management does not restrict access to Remote Diagnostics, which allows local users to bypass security policies by using Console One.",Novell,"Zenworks Servers,Zenworks Desktops,Zenworks",,,0.0005000000237487257,false,false,false,false,,false,false,2005-11-23T23:00:00.000Z,0
CVE-2005-3315,https://securityvulnerability.io/vulnerability/CVE-2005-3315,,"Multiple SQL injection vulnerabilities in Novell ZENworks Patch Management 6.x before 6.2.2.181 allow remote attackers to execute arbitrary SQL commands via the (1) Direction parameter to computers/default.asp, and the (2) SearchText, (3) StatusFilter, and (4) computerFilter parameters to reports/default.asp.",Novell,Zenworks Patch Management Server,,,0.9594100117683411,false,false,false,false,,false,false,2005-10-30T20:00:00.000Z,0
CVE-2005-1543,https://securityvulnerability.io/vulnerability/CVE-2005-1543,,"Multiple stack-based and heap-based buffer overflows in Remote Management authentication (zenrem32.exe) on Novell ZENworks 6.5 Desktop and Server Management, ZENworks for Desktops 4.x, ZENworks for Servers 3.x, and Remote Management allows remote attackers to execute arbitrary code via (1) unspecified vectors, (2) type 1 authentication requests, and (3) type 2 authentication requests.",Novell,"Zenworks Desktops,Zenworks Server Management,Zenworks Remote Management,Zenworks,Zenworks Servers",,,0.9603899717330933,false,false,false,false,,false,false,2005-05-25T04:00:00.000Z,0