Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microfocus vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-22514
An arbitrary code execution vulnerability exists in Micro Focus Application Performance Management, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow remote malicious users to execute arbitrary code on affected installations of APM.
Microfocus Application Performance Management 9.50
Microfocus Application Performance Management 9.40
Microfocus Application Performance Management 9.51
7.5
CVSSv3
CVE-2019-11654
Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and previous versions, The vulnerability allows remote unauthenticated malicious users to read arbitrary files.
Microfocus Verastream Host Integrator 7.5
Microfocus Verastream Host Integrator 7.6
Microfocus Verastream Host Integrator 7.7
9.8
CVSSv3
CVE-2018-6488
Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. This vulnerability could be remotely exploited to allow Arbitrary Code Execution.
Microfocus Ucmdb Configuration Manager 4.10
Microfocus Ucmdb Configuration Manager 4.11
Microfocus Ucmdb Configuration Manager 4.12
7.5
CVSSv3
CVE-2016-9166
NetIQ eDirectory versions before 9.0.2, under some circumstances, could be susceptible to downgrade of communication security.
Microfocus Netiq Edirectory
Microfocus Netiq Edirectory 9.0
6.1
CVSSv3
CVE-2018-17948
An open redirect vulnerability exists in the Access Manager Identity Provider before 4.4 SP3.
Microfocus Access Manager 4.4
Microfocus Access Manager
5.4
CVSSv3
CVE-2022-38754
A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run Java Scripts in the browser context of another OBM user. Please note: The ...
Microfocus Operations Bridge
Microfocus Operations Bridge Manager
9.8
CVSSv3
CVE-2021-38125
Unauthenticated remote code execution in Micro Focus Operations Bridge containerized, affecting versions 2021.05, 2021.08, and newer versions of Micro Focus Operations Bridge containerized if the deployment was upgraded from 2021.05 or 2021.08. The vulnerability could be exploite...
Microfocus Operations Bridge
Microfocus Operations Bridge 2021.05
5.4
CVSSv3
CVE-2017-8993
A Remote Cross-Site Scripting vulnerability in HPE Project and Portfolio Management (PPM) version v9.30, v9.31, v9.32, v9.40 was found.
Microfocus Project And Portfolio Management 9.3.0
Microfocus Project And Portfolio Management 9.3.1
Microfocus Project And Portfolio Management 9.4.0
Microfocus Project And Portfolio Management 9.3.2
5.4
CVSSv3
CVE-2020-9517
There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks.
Microfocus Service Manager 9.50
Microfocus Service Manager 9.60
1 Github repository
NA
CVE-2014-9412
Multiple cross-site scripting (XSS) vulnerabilities in NetIQ Access Manager (NAM) 4.x prior to 4.1 allow remote malicious users to inject arbitrary web script or HTML via (1) an arbitrary parameter to roma/jsp/debug/debug.jsp or (2) an arbitrary parameter in a debug.DumpAll actio...
Microfocus Access Manager 4.0.1
Microfocus Access Manager 4.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »