Vulnerabilities > Microfocus

DATE	CVE	VULNERABILITY TITLE	RISK
2024-11-22	CVE-2021-38118	Unspecified vulnerability in Microfocus Imanager Possible improper input validation Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. local low complexity microfocus	7.8
2024-11-22	CVE-2021-38135	Unspecified vulnerability in Microfocus Imanager Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000. network low complexity microfocus critical	9.8
2024-11-22	CVE-2023-24466	Unspecified vulnerability in Microfocus Imanager Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200. network low complexity microfocus critical	9.8
2024-11-22	CVE-2023-24467	Unspecified vulnerability in Microfocus Imanager Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000. network low complexity microfocus critical	9.8
2024-11-08	CVE-2024-9841	Cross-site Scripting vulnerability in Microfocus Arcsight Management Center and Arcsight Platform A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. network low complexity microfocus CWE-79	6.1
2024-11-06	CVE-2020-11859	Cross-site Scripting vulnerability in Microfocus Imanager Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3 network low complexity microfocus CWE-79	5.4
2024-10-16	CVE-2024-4184	XXE vulnerability in Microfocus Application Automation Tools Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. network low complexity microfocus CWE-611	8.0
2024-10-16	CVE-2024-4189	XXE vulnerability in Microfocus Application Automation Tools Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. network low complexity microfocus CWE-611	8.0
2024-10-16	CVE-2024-4211	Unspecified vulnerability in Microfocus Application Automation Tools Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - ALM job config has been discovered in OpenText Application Automation Tools. network low complexity microfocus	2.4
2024-10-16	CVE-2024-4690	XXE vulnerability in Microfocus Application Automation Tools Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below. network low complexity microfocus CWE-611	8.0

Vulnerabilities > Microfocus {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Microfocus"}]}

Vulnerabilities > Microfocus