Filtered by vendor Microfocus
Subscriptions
Total
241 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19644 | 1 Microfocus | 1 Solutions Business Manager | 2024-09-17 | N/A |
| Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | ||||
| CVE-2018-7683 | 1 Microfocus | 1 Solutions Business Manager | 2024-09-17 | N/A |
| Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files. | ||||
| CVE-2020-11849 | 1 Microfocus | 1 Identity Manager | 2024-09-17 | 9.8 Critical |
| Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information exposure that can result in an elevation of privilege or an unauthorized access. | ||||
| CVE-2017-9282 | 1 Microfocus | 1 Visibroker | 2024-09-17 | N/A |
| An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed. | ||||
| CVE-2017-9272 | 1 Microfocus | 2 Bi-directional Driver, Identity Manager | 2024-09-17 | N/A |
| The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to a denial of service attack. | ||||
| CVE-2018-18590 | 1 Microfocus | 1 Operations Bridge | 2024-09-17 | N/A |
| A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08. This vulnerability could allow for information disclosure. | ||||
| CVE-2018-6498 | 1 Microfocus | 5 Data Center Automation, Hybrid Cloud Management, Network Operations Management and 2 more | 2024-09-17 | N/A |
| Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution. | ||||
| CVE-2012-5932 | 1 Microfocus | 1 Privileged User Manager | 2024-09-17 | N/A |
| Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request. | ||||
| CVE-2017-7422 | 1 Microfocus | 2 Enterprise Developer, Enterprise Server | 2024-09-17 | N/A |
| Reflected and stored Cross-Site Scripting (XSS, CWE-79) vulnerabilities in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allow remote authenticated attackers to bypass protection mechanisms (CWE-693) and other security features, if this component is configured. Note esfadmingui is not enabled by default. | ||||
| CVE-2017-14363 | 1 Microfocus | 1 Operations Manager I | 2024-09-17 | N/A |
| Cross-Site Scripting (XSS) vulnerability has been identified in Micro Focus Operations Manager i, versions 10.60, 10.61, 10.62. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). | ||||
| CVE-2017-9285 | 2 Microfocus, Netiq | 2 Edirectory, Edirectory | 2024-09-17 | N/A |
| NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services. | ||||
| CVE-2018-7679 | 1 Microfocus | 1 Solutions Business Manager | 2024-09-17 | N/A |
| Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution. | ||||
| CVE-2018-19642 | 1 Microfocus | 1 Solutions Business Manager | 2024-09-17 | N/A |
| Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | ||||
| CVE-2017-7429 | 2 Microfocus, Netiq | 2 Edirectory, Edirectory | 2024-09-16 | N/A |
| The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server. | ||||
| CVE-2018-7682 | 1 Microfocus | 1 Solutions Business Manager | 2024-09-16 | N/A |
| Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains. | ||||
| CVE-2021-22527 | 1 Microfocus | 1 Access Manager | 2024-09-16 | 6 Medium |
| Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | ||||
| CVE-2019-11649 | 1 Microfocus | 1 Fortify Software Security Center | 2024-09-16 | N/A |
| Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server, versions 17.2, 18.1, 18.2, has been identified in Micro Focus Software Security Center. The vulnerability could be exploited to execute JavaScript code in user’s browser. The vulnerability could be exploited to execute JavaScript code in user’s browser. | ||||
| CVE-2018-6494 | 1 Microfocus | 1 Service Manager | 2024-09-16 | 5.4 Medium |
| Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data. | ||||
| CVE-2017-9273 | 1 Microfocus | 2 Bi-directional Driver, Identity Manager | 2024-09-16 | N/A |
| The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to unauthorized log configuration changes. | ||||
| CVE-2017-14361 | 1 Microfocus | 1 Project And Portfolio Management | 2024-09-16 | N/A |
| Man-In-The-Middle vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. This vulnerability could be exploited to allow a Man-in-the-middle attack. | ||||