Filtered by vendor Microfocus
Subscriptions
Total
248 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2008-7126 | 1 Microfocus | 1 Visibroker | 2024-11-21 | N/A |
Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a heap-based buffer overflow. | ||||
CVE-2001-0208 | 1 Microfocus | 1 Cobol | 2024-11-21 | N/A |
MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files. | ||||
CVE-2024-9841 | 1 Microfocus | 2 Arcsight Management Center, Arcsight Platform | 2024-11-13 | 6.1 Medium |
A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited. | ||||
CVE-2020-11859 | 1 Microfocus | 1 Imanager | 2024-11-08 | 7.6 High |
Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3 | ||||
CVE-2024-4211 | 1 Microfocus | 1 Application Automation Tools | 2024-10-21 | 2.4 Low |
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - ALM job config has been discovered in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate ALM server names, usernames and client IDs configured to be used with ALM servers. This issue affects OpenText Application Automation Tools: 24.1.0 and below. | ||||
CVE-2024-4692 | 1 Microfocus | 1 Application Automation Tools | 2024-10-21 | 2.4 Low |
Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate Service Virtualization server names. This issue affects OpenText Application Automation Tools: 24.1.0 and below. | ||||
CVE-2024-4690 | 1 Microfocus | 1 Application Automation Tools | 2024-10-21 | 8.0 High |
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. | ||||
CVE-2024-4184 | 1 Microfocus | 1 Application Automation Tools | 2024-10-21 | 8.0 High |
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. | ||||
CVE-2024-4189 | 1 Microfocus | 1 Application Automation Tools | 2024-10-21 | 8.0 High |
Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. | ||||
CVE-2024-4554 | 2 Microfocus, Netiq | 2 Netiq Access Manager, Access Manager | 2024-09-19 | 7.3 High |
Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects NetIQ Access Manager before 5.0.4.1 and 5.1. | ||||
CVE-2021-22503 | 1 Microfocus | 1 Edirectory | 2024-09-19 | 5.4 Medium |
Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000. | ||||
CVE-2021-22533 | 2 Microfocus, Opentext | 2 Edirectory, Edirectory | 2024-09-19 | 6.5 Medium |
Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000. | ||||
CVE-2021-22532 | 1 Microfocus | 1 Edirectory | 2024-09-19 | 7.6 High |
Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000. | ||||
CVE-2021-38133 | 1 Microfocus | 1 Edirectory | 2024-09-19 | 7.4 High |
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. | ||||
CVE-2021-38132 | 2 Microfocus, Opentext | 2 Edirectory, Edirectory | 2024-09-19 | 5.3 Medium |
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. | ||||
CVE-2021-38131 | 1 Microfocus | 1 Edirectory | 2024-09-19 | 5.4 Medium |
Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000. | ||||
CVE-2021-22509 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 8.1 High |
A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead to leakage of sensitive data to unauthorized user. The issue affects NetIQ Advance Authentication before 6.3.5.1 | ||||
CVE-2021-38120 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 5.1 Medium |
A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1. | ||||
CVE-2021-38121 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 8.3 High |
Insufficient or weak TLS protocol version identified in Advance authentication client server communication when specific service is accessed between devices. This issue affects NetIQ Advance Authentication versions before 6.3.5.1 | ||||
CVE-2021-38122 | 1 Microfocus | 1 Netiq Advanced Authentication | 2024-09-13 | 6.2 Medium |
A Cross-Site Scripting vulnerable identified in NetIQ Advance Authentication that impacts the server functionality and disclose sensitive information. This issue affects NetIQ Advance Authentication before 6.3.5.1 |