Vulnerabilities > Microfocus

DATE CVE VULNERABILITY TITLE RISK
2020-12-11 CVE-2020-25838 Information Exposure vulnerability in Microfocus Filr
Unauthorized disclosure of sensitive information vulnerability in Micro Focus Filr product.
network
low complexity
microfocus CWE-200
4.0
2020-11-20 CVE-2020-25839 SQL Injection vulnerability in Microfocus Identity Manager 4.8
NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability.
network
low complexity
microfocus CWE-89
7.5
2020-11-17 CVE-2020-25833 Cross-Site Scripting vulnerability in Microfocus Idol
Persistent cross-Site Scripting vulnerability on Micro Focus IDOL product, affecting all version prior to version 12.7.
network
microfocus CWE-79
3.5
2020-11-17 CVE-2020-25832 Cross-Site Scripting vulnerability in Microfocus Filr 4.2.1
Reflected Cross Site scripting vulnerability on Micro Focus Filr product, affecting version 4.2.1.
network
microfocus CWE-79
3.5
2020-11-17 CVE-2020-11851 Code Injection vulnerability in Microfocus Arcsight Logger 6.61/7.0/7.0.1
Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1.
network
low complexity
microfocus CWE-94
7.5
2020-11-17 CVE-2020-25834 Cross-Site Scripting vulnerability in Microfocus Arcsight Logger 6.61/7.0/7.0.1
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1.
network
microfocus CWE-79
4.3
2020-11-17 CVE-2020-11860 Cross-Site Scripting vulnerability in Microfocus Arcsight Logger 6.61/7.0/7.0.1
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1.
network
microfocus CWE-79
4.3
2020-11-05 CVE-2020-25837 Information Exposure vulnerability in Microfocus Self Service Password Reset
Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product.
4.3
2020-10-27 CVE-2020-11858 Unspecified vulnerability in Microfocus Operations Bridge and Operations Bridge Manager
Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized).
local
low complexity
microfocus
4.6
2020-10-27 CVE-2020-11854 Improper Authentication vulnerability in Microfocus products
Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management.
network
low complexity
microfocus CWE-287
critical
10.0