Filtered by vendor Microfocus
Subscribe
Total
235 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-11664 | 1 Microfocus | 1 Service Manager | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
Clear text password in browser in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. | |||||
CVE-2019-11668 | 1 Microfocus | 3 Service Manager, Service Manager Chat Server, Service Manager Chat Service | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. | |||||
CVE-2019-11660 | 1 Microfocus | 1 Data Protector | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
Privileges manipulation in Micro Focus Data Protector, versions 10.00, 10.01, 10.02, 10.03, 10.04, 10.10, 10.20, 10.30, 10.40. This vulnerability could be exploited by a low-privileged user to execute a custom binary with higher privileges. | |||||
CVE-2019-11647 | 1 Microfocus | 1 Netiq Self Service Password Reset | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
A potential XSS exists in Self Service Password Reset, in Micro Focus NetIQ Software all versions prior to version 4.4. The vulnerability could be exploited to enable an XSS attack. | |||||
CVE-2019-11654 | 1 Microfocus | 1 Verastream Host Integrator | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files. | |||||
CVE-2018-6498 | 1 Microfocus | 5 Data Center Automation, Hybrid Cloud Management, Network Operations Management and 2 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution. | |||||
CVE-2018-17949 | 1 Microfocus | 1 Imanager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross site scripting vulnerability in iManager prior to 3.1 SP2. | |||||
CVE-2019-3475 | 2 Microfocus, Suse | 2 Filr, Suse Linux Enterprise Server | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. This vulnerability affects all versions of Filr 3.x prior to Security Update 6. | |||||
CVE-2018-12469 | 1 Microfocus | 2 Enterprise Developer, Enterprise Server | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Incorrect handling of an invalid value for an HTTP request parameter by Directory Server (aka Enterprise Server Administration web UI) in Micro Focus Enterprise Developer and Enterprise Server 2.3 Update 2 and earlier, 3.0 before Patch Update 12, and 4.0 before Patch Update 2 causes a null pointer dereference (CWE-476) and subsequent denial of service due to process termination. | |||||
CVE-2018-7691 | 1 Microfocus | 1 Fortify Software Security Center | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access | |||||
CVE-2018-6499 | 1 Microfocus | 9 Autopass License Server, Data Center Automation, Hybrid Cloud Management and 6 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05, Service Virtualization (SV) with floating licenses using Any version using APLS older than 10.7, Unified Functional Testing (UFT) with floating licenses using Any version using APLS older than 10.7, Network Virtualization (NV) with floating licenses using Any version using APLS older than 10.7 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution. | |||||
CVE-2018-7692 | 1 Microfocus | 1 Edirectory | 2024-02-04 | 5.8 MEDIUM | 6.1 MEDIUM |
Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1. | |||||
CVE-2018-17950 | 1 Microfocus | 1 Edirectory | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2 | |||||
CVE-2018-6504 | 1 Microfocus | 1 Arcsight Management Center | 2024-02-04 | 6.8 MEDIUM | 8.8 HIGH |
A potential Cross-Site Request Forgery (CSRF) vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Cross-Site Request Forgery (CSRF). | |||||
CVE-2018-18590 | 1 Microfocus | 1 Operations Bridge | 2024-02-04 | 5.8 MEDIUM | 8.8 HIGH |
A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08. This vulnerability could allow for information disclosure. | |||||
CVE-2018-12480 | 1 Microfocus | 1 Access Manager | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3. | |||||
CVE-2018-7690 | 1 Microfocus | 1 Fortify Software Security Center | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access | |||||
CVE-2019-3474 | 2 Microfocus, Suse | 2 Filr, Suse Linux Enterprise Server | 2024-02-04 | 4.0 MEDIUM | 6.5 MEDIUM |
A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. This vulnerability affects all versions of Filr 3.x prior to Security Update 6. | |||||
CVE-2018-19645 | 1 Microfocus | 1 Solutions Business Manager | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||||
CVE-2018-7686 | 1 Microfocus | 1 Edirectory | 2024-02-04 | 5.0 MEDIUM | 7.5 HIGH |
Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage. |