Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microfocus vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2021-22499
Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow persistent XSS attack.
Microfocus Application Performance Management 9.50
Microfocus Application Performance Management 9.40
Microfocus Application Performance Management 9.51
6.5
CVSSv3
CVE-2021-22500
Cross Site Request Forgery vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could be exploited by malicious user to trick the users into executing actions of the attacker's choosing.
Microfocus Application Performance Management 9.50
Microfocus Application Performance Management 9.40
Microfocus Application Performance Management 9.51
6.1
CVSSv3
CVE-2019-3490
A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server (OES) allowing a remote malicious user to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. This affects OES versions ...
Microfocus Open Enterprise Server 2015.1
Microfocus Open Enterprise Server 2018.0
Microfocus Open Enterprise Server 2018.1
6.1
CVSSv3
CVE-2018-17948
An open redirect vulnerability exists in the Access Manager Identity Provider before 4.4 SP3.
Microfocus Access Manager 4.4
Microfocus Access Manager
9.8
CVSSv3
CVE-2021-38125
Unauthenticated remote code execution in Micro Focus Operations Bridge containerized, affecting versions 2021.05, 2021.08, and newer versions of Micro Focus Operations Bridge containerized if the deployment was upgraded from 2021.05 or 2021.08. The vulnerability could be exploite...
Microfocus Operations Bridge
Microfocus Operations Bridge 2021.05
5.4
CVSSv3
CVE-2022-38754
A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The ...
Microfocus Operations Bridge
Microfocus Operations Bridge Manager
7.5
CVSSv3
CVE-2016-9166
NetIQ eDirectory versions before 9.0.2, under some circumstances, could be susceptible to downgrade of communication security.
Microfocus Netiq Edirectory
Microfocus Netiq Edirectory 9.0
5.4
CVSSv3
CVE-2017-8993
A Remote Cross-Site Scripting vulnerability in HPE Project and Portfolio Management (PPM) version v9.30, v9.31, v9.32, v9.40 was found.
Microfocus Project And Portfolio Management 9.3.0
Microfocus Project And Portfolio Management 9.3.1
Microfocus Project And Portfolio Management 9.4.0
Microfocus Project And Portfolio Management 9.3.2
8.8
CVSSv3
CVE-2017-7423
A Cross-Site Request Forgery (CWE-352) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote unauthenticated malicious users to forge requests, if this component is ...
Microfocus Enterprise Server 2.3
Microfocus Enterprise Developer 2.3
NA
CVE-2014-5217
Cross-site request forgery (CSRF) vulnerability in nps/servlet/webacc in the Administration Console server in NetIQ Access Manager (NAM) 4.x prior to 4.1 allows remote malicious users to hijack the authentication of administrators for requests that change the administrative passw...
Microfocus Access Manager 4.0.1
Microfocus Access Manager 4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »