Filtered by vendor Microfocus
Subscribe
Total
235 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22527 | 1 Microfocus | 1 Access Manager | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | |||||
| CVE-2021-38130 | 1 Microfocus | 1 Voltage Securemail | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| A potential Information leakage vulnerability has been identified in versions of Micro Focus Voltage SecureMail Mail Relay prior to 7.3.0.1. The vulnerability could be exploited to create an information leakage attack. | |||||
| CVE-2021-38129 | 1 Microfocus | 1 Operations Agent | 2024-02-04 | 2.1 LOW | 3.3 LOW |
| Escalation of privileges vulnerability in Micro Focus in Micro Focus Operations Agent, affecting versions 12.x up to and including 12.21. The vulnerability could be exploited by a non-privileged local user to access system monitoring data collected by Operations Agent. | |||||
| CVE-2021-38126 | 1 Microfocus | 1 Arcsight Enterprise Security Manager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS). | |||||
| CVE-2021-22526 | 1 Microfocus | 1 Access Manager | 2024-02-04 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | |||||
| CVE-2021-22528 | 1 Microfocus | 1 Access Manager | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | |||||
| CVE-2021-22524 | 1 Microfocus | 1 Access Manager | 2024-02-04 | 4.0 MEDIUM | 4.9 MEDIUM |
| Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | |||||
| CVE-2021-38127 | 1 Microfocus | 1 Arcsight Enterprise Security Manager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS). | |||||
| CVE-2021-38124 | 1 Microfocus | 1 Arcsight Enterprise Security Manager | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, affecting versions 7.0.2 through 7.5. The vulnerability could be exploited resulting in remote code execution. | |||||
| CVE-2021-22505 | 1 Microfocus | 1 Operations Agent | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent. | |||||
| CVE-2021-22512 | 1 Microfocus | 1 Application Automation Tools | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow form validation without permission checks. | |||||
| CVE-2021-22516 | 1 Microfocus | 1 Secure Api Manager | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file. | |||||
| CVE-2021-22515 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1. | |||||
| CVE-2021-22511 | 1 Microfocus | 1 Application Automation Tools | 2024-02-04 | 6.4 MEDIUM | 6.5 MEDIUM |
| Improper Certificate Validation vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow unconditionally disabling of SSL/TLS certificates. | |||||
| CVE-2021-22513 | 1 Microfocus | 1 Application Automation Tools | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
| Missing Authorization vulnerability in Micro Focus Application Automation Tools Plugin - Jenkins plugin. The vulnerability affects version 6.7 and earlier versions. The vulnerability could allow access without permission checks. | |||||
| CVE-2021-22507 | 1 Microfocus | 1 Operations Bridge Manager | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Authentication bypass vulnerability in Micro Focus Operations Bridge Manager affects versions 2019.05, 2019.11, 2020.05 and 2020.10. The vulnerability could allow remote attackers to bypass user authentication and get unauthorized access. | |||||
| CVE-2021-22519 | 1 Microfocus | 1 Sitescope | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Execute arbitrary code vulnerability in Micro Focus SiteScope product, affecting versions 11.40,11.41 , 2018.05(11.50), 2018.08(11.51), 2018.11(11.60), 2019.02(11.70), 2019.05(11.80), 2019.08(11.90), 2019.11(11.91), 2020.05(11.92), 2020.10(11.93). The vulnerability could allow remote attackers to execute arbitrary code on affected installations of SiteScope. | |||||
| CVE-2021-22514 | 1 Microfocus | 1 Application Performance Management | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote attackers to execute arbitrary code on affected installations of APM. | |||||
| CVE-2021-22523 | 1 Microfocus | 1 Verastream Host Integrator | 2024-02-04 | 6.8 MEDIUM | 7.6 HIGH |
| XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions. | |||||
| CVE-2021-22522 | 1 Microfocus | 1 Verastream Host Integrator | 2024-02-04 | 6.8 MEDIUM | 7.1 HIGH |
| Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data. | |||||