Vulnerabilities > Microfocus

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-09	CVE-2018-7692	Open Redirect vulnerability in Microfocus Edirectory Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1. network low complexity microfocus CWE-601	6.1
2018-08-09	CVE-2018-7686	Information Exposure vulnerability in Microfocus Edirectory Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage. network low complexity microfocus CWE-200	7.5
2018-08-01	CVE-2018-12468	Unrestricted Upload of File with Dangerous Type vulnerability in Microfocus Groupwise 18/18.0.1 A vulnerability in the administration console of Micro Focus GroupWise prior to version 18.0.2 may allow a remote attacker authenticated as an administrator to upload files to an arbitrary path on the server. network low complexity microfocus CWE-434	7.2
2018-06-29	CVE-2018-12465	OS Command Injection vulnerability in Microfocus Secure Messaging Gateway An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. network low complexity microfocus CWE-78	7.2
2018-06-29	CVE-2018-12464	SQL Injection vulnerability in Microfocus Secure Messaging Gateway A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. network low complexity microfocus CWE-89 critical	9.8
2018-06-22	CVE-2018-7682	Information Exposure Through Log Files vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains. network low complexity microfocus CWE-532	6.5
2018-06-21	CVE-2018-7683	Information Exposure Through Log Files vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files. network low complexity microfocus CWE-532	7.5
2018-06-21	CVE-2018-7681	Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. network low complexity microfocus CWE-79	4.8
2018-06-21	CVE-2018-7680	Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values. network low complexity microfocus CWE-79	6.1
2018-06-21	CVE-2018-7679	Improper Input Validation vulnerability in Microfocus Solutions Business Manager Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution. network low complexity microfocus CWE-20 critical	9.8

Vulnerabilities > Microfocus {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Microfocus"}]}

Vulnerabilities > Microfocus