Filtered by vendor Microfocus Subscriptions
Filtered by product Edirectory Subscriptions
Total 16 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-7692 1 Microfocus 1 Edirectory 2024-11-21 N/A
Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1.
CVE-2018-7686 1 Microfocus 1 Edirectory 2024-11-21 N/A
Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage.
CVE-2018-17952 1 Microfocus 1 Edirectory 2024-11-21 N/A
Cross site scripting vulnerability in eDirectory prior to 9.1 SP2
CVE-2018-17950 1 Microfocus 1 Edirectory 2024-11-21 N/A
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2
CVE-2017-9285 2 Microfocus, Netiq 2 Edirectory, Edirectory 2024-11-21 N/A
NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.
CVE-2017-7429 2 Microfocus, Netiq 2 Edirectory, Edirectory 2024-11-21 N/A
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.
CVE-2012-0432 1 Microfocus 1 Edirectory 2024-11-21 N/A
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors.
CVE-2012-0430 1 Microfocus 1 Edirectory 2024-11-21 N/A
Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors.
CVE-2012-0429 1 Microfocus 1 Edirectory 2024-11-21 N/A
dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request.
CVE-2012-0428 1 Microfocus 1 Edirectory 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2021-22503 1 Microfocus 1 Edirectory 2024-09-19 5.4 Medium
Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000.
CVE-2021-22533 2 Microfocus, Opentext 2 Edirectory, Edirectory 2024-09-19 6.5 Medium
Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000.
CVE-2021-22532 1 Microfocus 1 Edirectory 2024-09-19 7.6 High
Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000.
CVE-2021-38133 1 Microfocus 1 Edirectory 2024-09-19 7.4 High
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000.
CVE-2021-38132 2 Microfocus, Opentext 2 Edirectory, Edirectory 2024-09-19 5.3 Medium
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000.
CVE-2021-38131 1 Microfocus 1 Edirectory 2024-09-19 5.4 Medium
Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000.