Filtered by vendor Microfocus
Subscribe
Total
256 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-11667 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data. | |||||
| CVE-2019-11666 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data. | |||||
| CVE-2019-11665 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. | |||||
| CVE-2019-11664 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. | |||||
| CVE-2019-11663 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Clear text credentials are used to access managers app in Tomcat in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. | |||||
| CVE-2019-11662 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error message. | |||||
| CVE-2019-11661 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 6.5 MEDIUM | 8.3 HIGH |
| Allow changes to some table by non-SysAdmin in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized access and modification of data. | |||||
| CVE-2019-11660 | 1 Microfocus | 1 Data Protector | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges. | |||||
| CVE-2019-11658 | 1 Microfocus | 1 Content Manager | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. This vulnerability when configured to use an Oracle database, allows valid system users to gain access to a limited subset of records they would not normally be able to access when the system is in an undisclosed abnormal state. | |||||
| CVE-2019-11657 | 1 Microfocus | 1 Arcsight Logger | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack. | |||||
| CVE-2019-11654 | 1 Microfocus | 1 Verastream Host Integrator | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files. | |||||
| CVE-2019-11653 | 1 Microfocus | 1 Content Manager | 2024-11-21 | 5.5 MEDIUM | 5.4 MEDIUM |
| Remote Access Control Bypass in Micro Focus Content Manager. versions 9.1, 9.2, 9.3. The vulnerability could be exploited to manipulate data stored during another user’s CheckIn request. | |||||
| CVE-2019-11652 | 1 Microfocus | 1 Netiq Self Service Password Reset | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A potential authorization bypass issue was found in Micro Focus Self Service Password Reset (SSPR) versions prior to: 4.4.0.3, 4.3.0.6, and 4.2.0.6. Upgrade to Micro Focus Self Service Password Reset (SSPR) SSPR versions 4.4.0.3, 4.3.0.6, or 4.2.0.6 as appropriate. | |||||
| CVE-2019-11651 | 1 Microfocus | 2 Enterprise Developer, Enterprise Server | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected XSS on Micro Focus Enterprise Developer and Enterprise Server, all versions prior to version 3.0 Patch Update 20, version 4.0 Patch Update 12, and version 5.0 Patch Update 2. The vulnerability could be exploited to redirect a user to a malicious page or forge certain types of web requests. | |||||
| CVE-2019-11650 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0. | |||||
| CVE-2019-11649 | 1 Microfocus | 1 Fortify Software Security Center | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server, versions 17.2, 18.1, 18.2, has been identified in Micro Focus Software Security Center. The vulnerability could be exploited to execute JavaScript code in user’s browser. The vulnerability could be exploited to execute JavaScript code in user’s browser. | |||||
| CVE-2019-11647 | 1 Microfocus | 1 Netiq Self Service Password Reset | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| A potential XSS exists in Self Service Password Reset, in Micro Focus NetIQ Software all versions prior to version 4.4. The vulnerability could be exploited to enable an XSS attack. | |||||
| CVE-2019-11646 | 1 Microfocus | 1 Service Manager | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of information. | |||||
| CVE-2018-7692 | 1 Microfocus | 1 Edirectory | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1. | |||||
| CVE-2018-7691 | 1 Microfocus | 1 Fortify Software Security Center | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access | |||||