Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microfocus vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2020-11838
Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x before 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure.
Microfocus Arcsight Management Center
Microfocus Arcsight Management Center 2.6.1
7.5
CVSSv3
CVE-2020-11842
Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49). The vulnerability allows an unauthenticated malicious users to view information they may not have been authorized to vi...
Microfocus Verastream Host Integrator
Microfocus Verastream Host Integrator 7.8
6.3
CVSSv3
CVE-2022-38753
This update resolves a multi-factor authentication bypass attack
Microfocus Netiq Advanced Authentication
Microfocus Netiq Advanced Authentication 6.4
NA
CVE-2012-5930
The pa_modify_accounts function in auth.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 does not require authentication for the modifyAccounts method, which allows remote malicious users to change the passwords of administrative accounts via a crafted ...
Microfocus Privileged User Manager 2.3.0
Microfocus Privileged User Manager 2.3.1
1 EDB exploit
NA
CVE-2012-5931
Directory traversal vulnerability in the set_log_config function in regclnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 allows remote authenticated users to create or overwrite arbitrary files via directory traversal sequences in a log pathname.
Microfocus Privileged User Manager 2.3.0
Microfocus Privileged User Manager 2.3.1
1 EDB exploit
NA
CVE-2012-5932
Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x prior to 2.3.1 HF2 allows remote malicious users to execute arbitrary Perl code via a crafted application/x-amf request.
Microfocus Privileged User Manager 2.3.0
Microfocus Privileged User Manager 2.3.1
1 EDB exploit
6.1
CVSSv3
CVE-2021-38127
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS).
Microfocus Arcsight Enterprise Security Manager 7.4
Microfocus Arcsight Enterprise Security Manager 7.5
6.1
CVSSv3
CVE-2021-38126
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS).
Microfocus Arcsight Enterprise Security Manager 7.4
Microfocus Arcsight Enterprise Security Manager 7.5
5.9
CVSSv3
CVE-2019-11674
Man-in-the-middle vulnerability in Micro Focus Self Service Password Reset, affecting all versions before 4.4.0.4. The vulnerability could exploit invalid certificate validation and may result in a man-in-the-middle attack.
Microfocus Netiq Self Service Password Reset
Microfocus Netiq Self Service Password Reset 4.4
9.8
CVSSv3
CVE-2016-9176
Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and previous versions could be used by local attackers or attackers able to inject arguments to these binaries to execute code.
Microfocus Rumba
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
8
9
10
NEXT »