Filtered by vendor Opentext
Subscriptions
Total
104 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-22533 | 2 Microfocus, Opentext | 2 Edirectory, Edirectory | 2024-09-19 | 6.5 Medium |
| Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000. | ||||
| CVE-2021-38132 | 2 Microfocus, Opentext | 2 Edirectory, Edirectory | 2024-09-18 | 5.3 Medium |
| Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. | ||||
| CVE-2017-8892 | 1 Opentext | 1 Tempo Box | 2024-09-17 | N/A |
| Cross-site scripting (XSS) vulnerability in OpenText Tempo Box 10.0.3 allows remote attackers to inject arbitrary web script or HTML persistently via the name of an uploaded image. | ||||
| CVE-2021-22518 | 1 Opentext | 1 Identity Manager Azuread Driver | 2024-09-12 | 5.8 Medium |
| A vulnerability identified in OpenText™ Identity Manager AzureAD Driver that allows logging of sensitive information into log file. This impacts all versions before 5.1.4.0 | ||||
| CVE-2023-4553 | 3 Linux, Microsoft, Opentext | 3 Linux Kernel, Windows, Appbuilder | 2024-08-28 | 5.3 Medium |
| Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. AppBuilder configuration files are viewable by unauthenticated users. This issue affects AppBuilder: from 21.2 before 23.2. | ||||
| CVE-2024-6361 | 1 Opentext | 1 Alm Octane | 2024-08-28 | 5.4 Medium |
| Improper Neutralization vulnerability (XSS) has been discovered in OpenText™ ALM Octane. The vulnerability affects all version prior to version 23.4. The vulnerability could cause remote code execution attack. | ||||
| CVE-2020-11847 | 2 Microfocus, Opentext | 2 Netiq Privileged Access Manager, Privileged Access Manager | 2024-08-23 | 8.2 High |
| SSH authenticated user when access the PAM server can execute an OS command to gain the full system access using bash. This issue affects Privileged Access Manager before 3.7.0.1. | ||||
| CVE-2020-11846 | 2 Microfocus, Opentext | 2 Netiq Privileged Access Manager, Privileged Access Manager | 2024-08-23 | 8.7 High |
| A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources. This issue affects Privileged Access Manager before 3.7.0.1. | ||||
| CVE-2020-11850 | 2 Microfocus, Opentext | 2 Netiq Self Service Password Reset, Self Service Password Reset | 2024-08-23 | 7.3 High |
| Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6 | ||||
| CVE-2023-7260 | 1 Opentext | 1 Cx-e Voice | 2024-08-23 | N/A |
| Path Traversal vulnerability discovered in OpenText™ CX-E Voice, affecting all version through 22.4. The vulnerability could allow arbitrarily access files on the system. | ||||
| CVE-2024-6358 | 1 Opentext | 1 Arcsight Intelligence | 2024-08-19 | 6.3 Medium |
| Incorrect Authorization vulnerability identified in OpenText ArcSight Intelligence. | ||||
| CVE-2024-6359 | 1 Opentext | 1 Arcsight Intelligence | 2024-08-19 | 6.4 Medium |
| Privilege escalation vulnerability identified in OpenText ArcSight Intelligence. | ||||
| CVE-2024-6357 | 1 Opentext | 1 Arcsight Intelligence | 2024-08-19 | 6.3 Medium |
| Insecure Direct Object Reference vulnerability identified in OpenText ArcSight Intelligence. | ||||
| CVE-2024-4187 | 1 Opentext | 1 Filr | 2024-08-15 | 5.4 Medium |
| Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1 and 24.2. The vulnerability could cause users to not be warned when clicking links to external sites. | ||||
| CVE-2023-7249 | 1 Opentext | 1 Directory Services | 2024-08-13 | 9.8 Critical |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText OpenText Directory Services allows Path Traversal.This issue affects OpenText Directory Services: from 16.4.2 before 24.1. | ||||
| CVE-2004-2496 | 1 Opentext | 1 Opentext Firstclass | 2024-08-08 | N/A |
| The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote attackers to cause a denial of service (service availability loss) via a large number of POST requests to /Search. | ||||
| CVE-2004-0037 | 1 Opentext | 1 Opentext Firstclass Desktop Client | 2024-08-08 | N/A |
| FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages. | ||||
| CVE-2008-0769 | 1 Opentext | 1 Livelink Ecm | 2024-08-07 | N/A |
| Cross-site scripting (XSS) vulnerability in Livelink ECM 9.0.0 through 9.7.0 and possibly earlier does not set the charset, which allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input. | ||||
| CVE-2010-5283 | 1 Opentext | 1 Livelink Ecm | 2024-08-07 | N/A |
| Cross-site request forgery (CSRF) vulnerability in OpenText ECM (formerly Livelink ECM) 9.7.1 allows remote attackers to hijack the authentication of administrators for requests that change folder and resource permissions. | ||||
| CVE-2010-5282 | 1 Opentext | 1 Livelink Ecm | 2024-08-07 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in OpenText ECM (formerly Livelink ECM) 9.7.1 allow remote attackers to inject arbitrary web script or HTML via the (1) viewType and (2) sort parameters in a browse action to livelink/livelink; and the (3) nodeid, (4) setctx, and (5) support parameters to livelinkdav/nodes/OOB_DAVWindow.html. | ||||