Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microfocus vulnerabilities and exploits
(subscribe to this query)
356
VMScore
CVE-2021-22515
Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions before 6.3 SP4 Patch 1.
Microfocus Netiq Advanced Authentication 6.3
Microfocus Netiq Advanced Authentication
605
VMScore
CVE-2021-22523
XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and previous versions versions. The vulnerability could allow the control of web browser and hijacking user sessions.
Microfocus Verastream Host Integrator 7.8
Microfocus Verastream Host Integrator
312
VMScore
CVE-2020-11838
Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x before 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure.
Microfocus Arcsight Management Center
Microfocus Arcsight Management Center 2.6.1
555
VMScore
CVE-2012-5931
Directory traversal vulnerability in the set_log_config function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname.
Microfocus Privileged User Manager 2.3.1
Microfocus Privileged User Manager 2.3.0
1 EDB exploit
645
VMScore
CVE-2012-5930
The pa_modify_accounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote malicious users to change the passwords of administrative accounts via a crafted ...
Microfocus Privileged User Manager 2.3.0
Microfocus Privileged User Manager 2.3.1
1 EDB exploit
1000
VMScore
CVE-2012-5932
Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 allows remote malicious users to execute arbitrary Perl code via a crafted application/x-amf request.
Microfocus Privileged User Manager 2.3.0
Microfocus Privileged User Manager 2.3.1
1 EDB exploit
383
VMScore
CVE-2021-38126
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS).
Microfocus Arcsight Enterprise Security Manager 7.4
Microfocus Arcsight Enterprise Security Manager 7.5
383
VMScore
CVE-2021-38127
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS).
Microfocus Arcsight Enterprise Security Manager 7.4
Microfocus Arcsight Enterprise Security Manager 7.5
383
VMScore
CVE-2019-11674
Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions before 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack.
Microfocus Netiq Self Service Password Reset
Microfocus Netiq Self Service Password Reset 4.4
NA
CVE-2022-38755
A vulnerability has been identified in Micro Focus Filr in versions before 4.3.1.1. The vulnerability could be exploited to allow a remote unauthenticated malicious user to enumerate valid users of the system. Remote unauthenticated user enumeration. This issue affects: Micro Foc...
Microfocus Filr
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »