Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microfocus vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2017-7424
A Path Traversal (CWE-22) vulnerability in esfadmingui in Micro Focus Enterprise Developer and Enterprise Server 2.3, 2.3 Update 1 before Hotfix 8, and 2.3 Update 2 before Hotfix 9 allows remote authenticated users to download arbitrary files from a system running the product, if...
Microfocus Enterprise Server 2.3
Microfocus Enterprise Developer 2.3
3.5
CVSSv2
CVE-2019-11649
Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server, versions 17.2, 18.1, 18.2, has been identified in Micro Focus Software Security Center. The vulnerability could be exploited to execute JavaScript code in user’s browser. The vulnerab...
Microfocus Fortify Software Security Center 17.20
Microfocus Fortify Software Security Center 18.10
Microfocus Fortify Software Security Center 18.20
4
CVSSv2
CVE-2018-7690
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access
Microfocus Fortify Software Security Center 17.10
Microfocus Fortify Software Security Center 17.20
Microfocus Fortify Software Security Center 18.10
1 Github repository
4
CVSSv2
CVE-2018-7691
A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access
Microfocus Fortify Software Security Center 17.10
Microfocus Fortify Software Security Center 17.20
Microfocus Fortify Software Security Center 18.10
1 Github repository
4
CVSSv2
CVE-2020-11840
Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x before 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure.
Microfocus Arcsight Management Center
Microfocus Arcsight Management Center 2.6.1
NA
CVE-2022-38753
This update resolves a multi-factor authentication bypass attack
Microfocus Netiq Advanced Authentication
Microfocus Netiq Advanced Authentication 6.4
6.8
CVSSv2
CVE-2021-22523
XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and previous versions versions. The vulnerability could allow the control of web browser and hijacking user sessions.
Microfocus Verastream Host Integrator 7.8
Microfocus Verastream Host Integrator
3.5
CVSSv2
CVE-2020-11838
Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x before 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure.
Microfocus Arcsight Management Center
Microfocus Arcsight Management Center 2.6.1
4
CVSSv2
CVE-2021-22515
Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions before 6.3 SP4 Patch 1.
Microfocus Netiq Advanced Authentication 6.3
Microfocus Netiq Advanced Authentication
6.8
CVSSv2
CVE-2021-22522
Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version version 7.8 Update 1 and previous versions versions. The vulnerability could allow disclosure of confidential data.
Microfocus Verastream Host Integrator 7.8
Microfocus Verastream Host Integrator
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »