Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microfocus vulnerabilities and exploits
(subscribe to this query)
7.6
CVSSv3
CVE-2021-22523
XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and previous versions versions. The vulnerability could allow the control of web browser and hijacking user sessions.
Microfocus Verastream Host Integrator 7.8
Microfocus Verastream Host Integrator
5.4
CVSSv3
CVE-2020-11838
Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x before 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure.
Microfocus Arcsight Management Center
Microfocus Arcsight Management Center 2.6.1
4.3
CVSSv3
CVE-2020-11840
Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x before 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure.
Microfocus Arcsight Management Center
Microfocus Arcsight Management Center 2.6.1
NA
CVE-2012-5930
The pa_modify_accounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote malicious users to change the passwords of administrative accounts via a crafted ...
Microfocus Privileged User Manager 2.3.0
Microfocus Privileged User Manager 2.3.1
1 EDB exploit
NA
CVE-2012-5931
Directory traversal vulnerability in the set_log_config function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname.
Microfocus Privileged User Manager 2.3.1
Microfocus Privileged User Manager 2.3.0
1 EDB exploit
NA
CVE-2012-5932
Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 allows remote malicious users to execute arbitrary Perl code via a crafted application/x-amf request.
Microfocus Privileged User Manager 2.3.0
Microfocus Privileged User Manager 2.3.1
1 EDB exploit
6.1
CVSSv3
CVE-2021-38127
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS).
Microfocus Arcsight Enterprise Security Manager 7.4
Microfocus Arcsight Enterprise Security Manager 7.5
6.1
CVSSv3
CVE-2021-38126
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS).
Microfocus Arcsight Enterprise Security Manager 7.4
Microfocus Arcsight Enterprise Security Manager 7.5
5.9
CVSSv3
CVE-2019-11674
Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions before 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack.
Microfocus Netiq Self Service Password Reset
Microfocus Netiq Self Service Password Reset 4.4
9.8
CVSSv3
CVE-2016-9176
Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and previous versions could be used by local attackers or attackers able to inject arguments to these binaries to execute code.
Microfocus Rumba
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »