Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microfocus vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2021-22514
An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote malicious users to execute arbitrary code on affected installations of APM.
Microfocus Application Performance Management 9.50
Microfocus Application Performance Management 9.40
Microfocus Application Performance Management 9.51
312
VMScore
CVE-2017-14363
Cross-Site Scripting (XSS) vulnerability has been identified in Micro Focus Operations Manager i, versions 10.60, 10.61, 10.62. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS).
Microfocus Operations Manager I 10.60
Microfocus Operations Manager I 10.61
Microfocus Operations Manager I 10.62
668
VMScore
CVE-2018-6488
Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution.
Microfocus Ucmdb Configuration Manager 4.10
Microfocus Ucmdb Configuration Manager 4.11
Microfocus Ucmdb Configuration Manager 4.12
NA
CVE-2022-38754
A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The ...
Microfocus Operations Bridge
Microfocus Operations Bridge Manager
605
VMScore
CVE-2021-38125
Unauthenticated remote code execution in Micro Focus Operations Bridge containerized, affecting versions 2021.05, 2021.08, and newer versions of Micro Focus Operations Bridge containerized if the deployment was upgraded from 2021.05 or 2021.08. The vulnerability could be exploite...
Microfocus Operations Bridge
Microfocus Operations Bridge 2021.05
516
VMScore
CVE-2018-17948
An open redirect vulnerability exists in the Access Manager Identity Provider before 4.4 SP3.
Microfocus Access Manager 4.4
Microfocus Access Manager
445
VMScore
CVE-2016-9166
NetIQ eDirectory versions before 9.0.2, under some circumstances, could be susceptible to downgrade of communication security.
Microfocus Netiq Edirectory
Microfocus Netiq Edirectory 9.0
312
VMScore
CVE-2017-8993
A Remote Cross-Site Scripting vulnerability in HPE Project and Portfolio Management (PPM) version v9.30, v9.31, v9.32, v9.40 was found.
Microfocus Project And Portfolio Management 9.3.0
Microfocus Project And Portfolio Management 9.3.1
Microfocus Project And Portfolio Management 9.4.0
Microfocus Project And Portfolio Management 9.3.2
383
VMScore
CVE-2021-22531
A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0
Microfocus Access Manager 4.5
Microfocus Access Manager 5.0
436
VMScore
CVE-2020-9517
There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks.
Microfocus Service Manager 9.50
Microfocus Service Manager 9.60
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »