Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microfocus vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-11842
Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49). The vulnerability allows an unauthenticated malicious users to view information they may not have been authorized to vi...
Microfocus Verastream Host Integrator
Microfocus Verastream Host Integrator 7.8
6.5
CVSSv2
CVE-2020-9523
Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version before 4.0 Patch Update 16, and version 5.0 Patch Update 6. The vulnerability could allow an malicious user to transmit hashed credentials for the u...
Microfocus Enterprise Developer 4.0
Microfocus Enterprise Developer 5.0
Microfocus Enterprise Developer
Microfocus Enterprise Server 4.0
Microfocus Enterprise Server 5.0
Microfocus Enterprise Server
6.5
CVSSv2
CVE-2020-9521
An SQL injection vulnerability exists in Micro Focus Service Manager Automation (SMA), affecting versions 2019.08, 2019.05, 2019.02, 2018.08, 2018.05, 2018.02. The vulnerability could allow for the improper neutralization of special elements in SQL commands and may lead to the pr...
Microfocus Service Manager Automation 2019.05
Microfocus Service Manager Automation 2019.02
Microfocus Service Manager Automation 2018.08
Microfocus Service Manager Automation 2018.05
Microfocus Service Manager Automation 2018.02
Microfocus Service Manager Automation 2019.08
3.5
CVSSv2
CVE-2020-9520
A stored XSS vulnerability exists in Micro Focus Vibe, affecting all Vibe version before 4.0.7. The vulnerability could allows a remote malicious user to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker contr...
Microfocus Vibe
5
CVSSv2
CVE-2020-9518
Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data.
Microfocus Service Manager
5
CVSSv2
CVE-2020-9519
HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data.
Microfocus Service Manager
4.9
CVSSv2
CVE-2020-9517
There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks.
Microfocus Service Manager 9.50
Microfocus Service Manager 9.60
1 Github repository
6.8
CVSSv2
CVE-2019-11657
Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight Logger affecting all product versions below version 7.0. The vulnerability could be exploited to perform CSRF attack.
Microfocus Arcsight Logger
5
CVSSv2
CVE-2019-17087
Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under.
Microfocus Acutoweb
4
CVSSv2
CVE-2019-17085
XXE attack vulnerability on Micro Focus Operations Agent, affected version 12.0, 12.01, 12.02, 12.03, 12.04, 12.05, 12.06, 12.10, 12.11. The vulnerability could be exploited to do an XXE attack on Operations Agent.
Microfocus Operations Agent 12.01
Microfocus Operations Agent 12.02
Microfocus Operations Agent 12.03
Microfocus Operations Agent 12.04
Microfocus Operations Agent 12.05
Microfocus Operations Agent 12.06
Microfocus Operations Agent 12.10
Microfocus Operations Agent 12.11
Microfocus Operations Agent 12.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-26978
CVE-2024-26982
wireless
CVE-2023-6949
CVE-2024-26980
CVE-2024-32766
CVE-2024-26939
cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »