Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microfocus vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-22514
An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote malicious users to execute arbitrary code on affected installations of APM.
Microfocus Application Performance Management 9.50
Microfocus Application Performance Management 9.40
Microfocus Application Performance Management 9.51
4.3
CVSSv2
CVE-2019-3490
A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server (OES) allowing a remote malicious user to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. This affects OES versions ...
Microfocus Open Enterprise Server 2015.1
Microfocus Open Enterprise Server 2018.0
Microfocus Open Enterprise Server 2018.1
5
CVSSv2
CVE-2019-11654
Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and previous versions, The vulnerability allows remote unauthenticated malicious users to read arbitrary files.
Microfocus Verastream Host Integrator 7.5
Microfocus Verastream Host Integrator 7.6
Microfocus Verastream Host Integrator 7.7
6.8
CVSSv2
CVE-2021-38125
Unauthenticated remote code execution in Micro Focus Operations Bridge containerized, affecting versions 2021.05, 2021.08, and newer versions of Micro Focus Operations Bridge containerized if the deployment was upgraded from 2021.05 or 2021.08. The vulnerability could be exploite...
Microfocus Operations Bridge
Microfocus Operations Bridge 2021.05
NA
CVE-2022-38754
A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The ...
Microfocus Operations Bridge
Microfocus Operations Bridge Manager
5
CVSSv2
CVE-2016-9166
NetIQ eDirectory versions before 9.0.2, under some circumstances, could be susceptible to downgrade of communication security.
Microfocus Netiq Edirectory
Microfocus Netiq Edirectory 9.0
5.8
CVSSv2
CVE-2018-17948
An open redirect vulnerability exists in the Access Manager Identity Provider before 4.4 SP3.
Microfocus Access Manager 4.4
Microfocus Access Manager
3.5
CVSSv2
CVE-2017-8993
A Remote Cross-Site Scripting vulnerability in HPE Project and Portfolio Management (PPM) version v9.30, v9.31, v9.32, v9.40 was found.
Microfocus Project And Portfolio Management 9.3.0
Microfocus Project And Portfolio Management 9.3.1
Microfocus Project And Portfolio Management 9.4.0
Microfocus Project And Portfolio Management 9.3.2
4
CVSSv2
CVE-2014-5215
NetIQ Access Manager (NAM) 4.x prior to 4.0.1 HF3 allows remote authenticated administrators to discover service-account passwords via a request to (1) roma/jsp/volsc/monitoring/dev_services.jsp or (2) roma/jsp/debug/debug.jsp.
Microfocus Access Manager 4.0.1
Microfocus Access Manager 4.0
4.3
CVSSv2
CVE-2021-22531
A bug exist in the input parameter of Access Manager that allows supply of invalid character to trigger cross-site scripting vulnerability. This affects NetIQ Access Manager 4.5 and 5.0
Microfocus Access Manager 4.5
Microfocus Access Manager 5.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »