Filtered by vendor Microfocus
Subscribe
Total
266 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-0430 | 1 Microfocus | 1 Edirectory | 2025-04-11 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors. | |||||
| CVE-2013-4815 | 1 Microfocus | 1 Arcsight Enterprise Security Manager | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the web interface in HP ArcSight Enterprise Security Manager (ESM) before 5.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-5932 | 1 Microfocus | 1 Privileged User Manager | 2025-04-11 | 10.0 HIGH | N/A |
| Eval injection vulnerability in the ldapagnt_eval function in ldapagnt.dll in unifid.exe in NetIQ Privileged User Manager 2.3.x before 2.3.1 HF2 allows remote attackers to execute arbitrary Perl code via a crafted application/x-amf request. | |||||
| CVE-2012-0432 | 1 Microfocus | 1 Edirectory | 2025-04-11 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors. | |||||
| CVE-2012-0428 | 1 Microfocus | 1 Edirectory | 2025-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2012-0429 | 1 Microfocus | 1 Edirectory | 2025-04-11 | 4.0 MEDIUM | N/A |
| dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request. | |||||
| CVE-2023-24467 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 8.8 HIGH |
| Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000. | |||||
| CVE-2023-24466 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 7.5 HIGH |
| Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200. | |||||
| CVE-2021-38117 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 8.8 HIGH |
| Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. | |||||
| CVE-2022-26324 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 7.6 HIGH |
| Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000. | |||||
| CVE-2021-38116 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 8.8 HIGH |
| Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This impacts all versions before 3.2.5 | |||||
| CVE-2021-38119 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 6.1 MEDIUM |
| Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. | |||||
| CVE-2021-38134 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 6.1 MEDIUM |
| Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.5.0000. | |||||
| CVE-2008-7127 | 1 Microfocus | 1 Visibroker | 2025-04-09 | 5.0 MEDIUM | N/A |
| osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) via a crafted packet with a large string length value to UDP port 14000, which triggers a memory allocation failure that is not properly handled. | |||||
| CVE-2008-7126 | 1 Microfocus | 1 Visibroker | 2025-04-09 | 10.0 HIGH | N/A |
| Integer overflow in osagent.exe in Borland VisiBroker Smart Agent 08.00.00.C1.03 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted packet with a large string length value to UDP port 14000, which triggers a heap-based buffer overflow. | |||||
| CVE-2001-0208 | 1 Microfocus | 1 Cobol | 2025-04-03 | 4.6 MEDIUM | N/A |
| MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files. | |||||
| CVE-2021-22506 | 1 Microfocus | 1 Access Manager | 2025-03-12 | 5.0 MEDIUM | 7.5 HIGH |
| Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage. | |||||
| CVE-2021-22502 | 1 Microfocus | 1 Operation Bridge Reporter | 2025-03-12 | 10.0 HIGH | 9.8 CRITICAL |
| Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server. | |||||
| CVE-2023-24468 | 1 Microfocus | 1 Netiq Advanced Authentication | 2025-02-27 | N/A | 9.8 CRITICAL |
| Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2 | |||||
| CVE-2024-0622 | 1 Microfocus | 1 Operations Agent | 2025-01-23 | N/A | 8.8 HIGH |
| Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. The vulnerability could allow local privilege escalation. | |||||