Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microfocus vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2016-1599
Cross-site scripting (XSS) vulnerability in NetIQ Self Service Password Reset (SSPR) 2.x and 3.x prior to 3.3.1 HF2 allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Microfocus Self Service Password Reset 3.0
Microfocus Self Service Password Reset 2.0
Microfocus Self Service Password Reset 3.1
Microfocus Self Service Password Reset 3.3
Microfocus Self Service Password Reset 3.3.1
Microfocus Self Service Password Reset 3.2
8.8
CVSSv3
CVE-2020-11853
Arbitrary code execution vulnerability affecting multiple Micro Focus products. 1.) Operation Bridge Manager affecting version: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, versions 10.6x and 10.1x and older versions. 2.) Application Performance Management affecting versions : 9....
Microfocus Operations Bridge Manager 2020.05
Microfocus Operations Bridge Manager 2019.11
Microfocus Operations Bridge Manager 2019.05
Microfocus Operations Bridge Manager 2018.11
Microfocus Operations Bridge Manager 2018.05
Microfocus Operation Bridge Manager 10.11
Microfocus Operation Bridge Manager 10.12
Microfocus Operation Bridge Manager 10.60
Microfocus Operation Bridge Manager 10.61
Microfocus Operation Bridge Manager 10.62
Microfocus Operation Bridge Manager 10.63
Microfocus Operation Bridge Manager
Microfocus Operations Bridge Manager 2019.08
Microfocus Operations Bridge Manager 2018.08
Microfocus Operations Bridge Manager 2018.02
Microfocus Operations Bridge Manager 2017.11
Hp Universal Cmbd Foundation 10.20
Microfocus Application Performance Management 9.50
Microfocus Application Performance Management 9.40
Microfocus Application Performance Management 9.51
Microfocus Data Center Automation
Hp Universal Cmbd Foundation 2018.05
7.8
CVSSv3
CVE-2016-1990
HPE ArcSight ESM 5.x prior to 5.6, 6.0, 6.5.x prior to 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express prior to 6.9.1, allows local users to gain privileges for command execution via unspecified vectors.
Microfocus Arcsight Enterprise Security Manager
Microfocus Arcsight Enterprise Security Manager 6.0
Microfocus Arcsight Enterprise Security Manager 6.5
Microfocus Arcsight Enterprise Security Manager 6.9
Microfocus Arcsight Enterprise Security Manager 6.8
8
CVSSv3
CVE-2016-1991
HPE ArcSight ESM 5.x prior to 5.6, 6.0, 6.5.x prior to 6.5C SP1 Patch 2, and 6.8c before P1, and ArcSight ESM Express prior to 6.9.1, allows remote authenticated users to conduct unspecified "file download" attacks via unknown vectors.
Microfocus Arcsight Enterprise Security Manager 6.0
Microfocus Arcsight Enterprise Security Manager 6.8
Microfocus Arcsight Enterprise Security Manager
Microfocus Arcsight Enterprise Security Manager 6.5
Microfocus Arcsight Enterprise Security Manager 6.9
NA
CVE-2014-3460
Directory traversal vulnerability in the DumpToFile method in the NQMcsVarSet ActiveX control in Agent Manager in NetIQ Sentinel allows remote malicious users to create arbitrary files, and consequently execute arbitrary code, via a crafted pathname.
Microfocus Sentinel -
Microfocus Sentinel Agent Manager -
NA
CVE-2012-0432
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x prior to 8.8.7.2 allows remote malicious users to have an unspecified impact via unknown vectors.
Microfocus Edirectory 8.8.7.0
Microfocus Edirectory 8.8.7.1
2 EDB exploits
9.8
CVSSv3
CVE-2018-6488
Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution.
Microfocus Ucmdb Configuration Manager 4.10
Microfocus Ucmdb Configuration Manager 4.11
Microfocus Ucmdb Configuration Manager 4.12
5.4
CVSSv3
CVE-2017-14363
Cross-Site Scripting (XSS) vulnerability has been identified in Micro Focus Operations Manager i, versions 10.60, 10.61, 10.62. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS).
Microfocus Operations Manager I 10.60
Microfocus Operations Manager I 10.61
Microfocus Operations Manager I 10.62
7.5
CVSSv3
CVE-2019-11654
Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and previous versions, The vulnerability allows remote unauthenticated malicious users to read arbitrary files.
Microfocus Verastream Host Integrator 7.5
Microfocus Verastream Host Integrator 7.6
Microfocus Verastream Host Integrator 7.7
6.1
CVSSv3
CVE-2019-3490
A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server (OES) allowing a remote malicious user to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. This affects OES versions ...
Microfocus Open Enterprise Server 2015.1
Microfocus Open Enterprise Server 2018.0
Microfocus Open Enterprise Server 2018.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-21111
CVE-2024-32884
IDOR
CVE-2023-1000
CVE-2024-33260
CVE-2024-3682
reflected XSS
race condition
CVE-2024-3400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »