Vulnerabilities > Microfocus
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-08-09 | CVE-2018-7692 | Open Redirect vulnerability in Microfocus Edirectory Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1. | 6.1 |
2018-08-09 | CVE-2018-7686 | Information Exposure vulnerability in Microfocus Edirectory Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage. | 7.5 |
2018-08-01 | CVE-2018-12468 | Unrestricted Upload of File with Dangerous Type vulnerability in Microfocus Groupwise 18/18.0.1 A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attacker authenticated as an administrator to upload files to an arbitrary path on the server. | 7.2 |
2018-06-29 | CVE-2018-12465 | OS Command Injection vulnerability in Microfocus Secure Messaging Gateway An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. | 7.2 |
2018-06-29 | CVE-2018-12464 | SQL Injection vulnerability in Microfocus Secure Messaging Gateway A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. | 9.8 |
2018-06-22 | CVE-2018-7682 | Information Exposure Through Log Files vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains. | 6.5 |
2018-06-21 | CVE-2018-7683 | Information Exposure Through Log Files vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files. | 7.5 |
2018-06-21 | CVE-2018-7681 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. | 4.8 |
2018-06-21 | CVE-2018-7680 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values. | 6.1 |
2018-06-21 | CVE-2018-7679 | Improper Input Validation vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution. | 9.8 |