CVSS: 10.0EPSS: 21%CPEs: 1EXPL: 0CVE-2011-0464
https://notcve.org/view.php?id=CVE-2011-0464
Unspecified vulnerability in Novell Vibe OnPrem 3.0 before Hot Patch 1 allows remote attackers to execute arbitrary code via unknown vectors. Vulnerabilidad sin especificar en Novell Vibe OnPrem 3.0 en versiones anteriores a Hot Patch 1 permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. • http://secunia.com/advisories/43606 http://securitytracker.com/id?1025163 http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5088845.html http://www.osvdb.org/70956 http://www.securityfocus.com/bid/46672 http://www.vupen.com/english/advisories/2011/0592 https://exchange.xforce.ibmcloud.com/vulnerabilities/65865 •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2010-4322
https://notcve.org/view.php?id=CVE-2010-4322
Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remote authenticated users to inject arbitrary web script or HTML via the Micro Blog (aka What Are You Working On?) field. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en gwtTeaming.rpc en Novell Vibe OnPrem 3 BETA permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del campo Micro Blog (tambien conocido como "En que estás trabajando). • http://www.securityfocus.com/archive/1/515147/100/0/threaded http://www.solutionary.com/index/SERT/Vuln-Disclosures/Novell-Vibe-Beta-3-XSS-vulnerability.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •