Filtered by vendor Microfocus Subscriptions
Total 248 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-18947 1 Microfocus 1 Solutions Business Manager 2024-11-21 3.5 Low
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure.
CVE-2019-18946 1 Microfocus 1 Solutions Business Manager 2024-11-21 4.8 Medium
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation.
CVE-2019-18945 1 Microfocus 1 Solutions Business Manager 2024-11-21 7.3 High
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to privilege escalation vulnerability.
CVE-2019-18944 1 Microfocus 1 Solutions Business Manager 2024-11-21 4.9 Medium
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS.
CVE-2019-18943 1 Microfocus 1 Solutions Business Manager 2024-11-21 6.1 Medium
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to XML External Entity Processing (XXE) on certain operations.
CVE-2019-18942 1 Microfocus 1 Solutions Business Manager 2024-11-21 5.5 Medium
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding.
CVE-2019-17087 1 Microfocus 1 Acutoweb 2024-11-21 7.5 High
Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under.
CVE-2019-17085 1 Microfocus 1 Operations Agent 2024-11-21 6.5 Medium
XXE attack vulnerability on Micro Focus Operations Agent, affected version 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11. The vulnerability could be exploited to do an XXE attack on Operations Agent.
CVE-2019-11674 1 Microfocus 1 Netiq Self Service Password Reset 2024-11-21 5.9 Medium
Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions prior to 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack.
CVE-2019-11669 1 Microfocus 1 Service Manager 2024-11-21 7.5 High
Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data.
CVE-2019-11668 1 Microfocus 3 Service Manager, Service Manager Chat Server, Service Manager Chat Service 2024-11-21 7.5 High
HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62.
CVE-2019-11667 1 Microfocus 1 Service Manager 2024-11-21 7.5 High
Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data.
CVE-2019-11666 1 Microfocus 1 Service Manager 2024-11-21 8.8 High
Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data.
CVE-2019-11665 1 Microfocus 1 Service Manager 2024-11-21 7.5 High
Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.
CVE-2019-11664 1 Microfocus 1 Service Manager 2024-11-21 6.5 Medium
Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.
CVE-2019-11663 1 Microfocus 1 Service Manager 2024-11-21 6.5 Medium
Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.
CVE-2019-11662 1 Microfocus 1 Service Manager 2024-11-21 4.3 Medium
Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error message.
CVE-2019-11661 1 Microfocus 1 Service Manager 2024-11-21 8.3 High
Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data.
CVE-2019-11660 1 Microfocus 1 Data Protector 2024-11-21 7.8 High
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges.
CVE-2019-11658 1 Microfocus 1 Content Manager 2024-11-21 N/A
Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. This vulnerability when configured to use an Oracle database, allows valid system users to gain access to a limited subset of records they would not normally be able to access when the system is in an undisclosed abnormal state.