Filtered by vendor Microfocus Subscriptions
Total 248 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2008-7126 1 Microfocus 1 Visibroker 2024-11-21 N/A
Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a heap-based buffer overflow.
CVE-2001-0208 1 Microfocus 1 Cobol 2024-11-21 N/A
MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files.
CVE-2024-9841 1 Microfocus 2 Arcsight Management Center, Arcsight Platform 2024-11-13 6.1 Medium
A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited.
CVE-2020-11859 1 Microfocus 1 Imanager 2024-11-08 7.6 High
Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3
CVE-2024-4211 1 Microfocus 1 Application Automation Tools 2024-10-21 2.4 Low
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - ALM job config has been discovered in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate ALM server names, usernames and client IDs configured to be used with ALM servers. This issue affects OpenText Application Automation Tools: 24.1.0 and below.
CVE-2024-4692 1 Microfocus 1 Application Automation Tools 2024-10-21 2.4 Low
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate Service Virtualization server names. This issue affects OpenText Application Automation Tools: 24.1.0 and below.
CVE-2024-4690 1 Microfocus 1 Application Automation Tools 2024-10-21 8.0 High
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.
CVE-2024-4184 1 Microfocus 1 Application Automation Tools 2024-10-21 8.0 High
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.
CVE-2024-4189 1 Microfocus 1 Application Automation Tools 2024-10-21 8.0 High
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.
CVE-2024-4554 2 Microfocus, Netiq 2 Netiq Access Manager, Access Manager 2024-09-19 7.3 High
Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1.
CVE-2021-22503 1 Microfocus 1 Edirectory 2024-09-19 5.4 Medium
Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000.
CVE-2021-22533 2 Microfocus, Opentext 2 Edirectory, Edirectory 2024-09-19 6.5 Medium
Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000.
CVE-2021-22532 1 Microfocus 1 Edirectory 2024-09-19 7.6 High
Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000.
CVE-2021-38133 1 Microfocus 1 Edirectory 2024-09-19 7.4 High
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000.
CVE-2021-38132 2 Microfocus, Opentext 2 Edirectory, Edirectory 2024-09-19 5.3 Medium
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000.
CVE-2021-38131 1 Microfocus 1 Edirectory 2024-09-19 5.4 Medium
Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000.
CVE-2021-22509 1 Microfocus 1 Netiq Advanced Authentication 2024-09-13 8.1 High
A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead to leakage of sensitive data to unauthorized user. The issue affects NetIQ Advance Authentication before 6.3.5.1
CVE-2021-38120 1 Microfocus 1 Netiq Advanced Authentication 2024-09-13 5.1 Medium
A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1.
CVE-2021-38121 1 Microfocus 1 Netiq Advanced Authentication 2024-09-13 8.3 High
Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices.  This issue affects NetIQ Advance Authentication versions before 6.3.5.1
CVE-2021-38122 1 Microfocus 1 Netiq Advanced Authentication 2024-09-13 6.2 Medium
A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information. This issue affects NetIQ Advance Authentication before 6.3.5.1