Vulnerabilities > Microfocus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-05-02 | CVE-2019-3490 | Cross-site Scripting vulnerability in Microfocus Open Enterprise Server 2015.1/2018.0/2018.1 A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server (OES) allowing a remote attacker to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. | 6.1 |
| 2019-04-29 | CVE-2019-3493 | Unspecified vulnerability in Microfocus Network Automation and Network Operations Management A potential security vulnerability has been identified in Micro Focus Network Automation Software 9.20, 9.21, 10.00, 10.10, 10.20, 10.30, 10.40, 10.50, 2018.05, 2018.08, 2018.11, and Micro Focus Network Operations Management (NOM) all versions. | 8.8 |
| 2019-04-01 | CVE-2019-3489 | Unrestricted Upload of File with Dangerous Type vulnerability in Microfocus Content Manager An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. | 7.5 |
| 2019-03-27 | CVE-2018-19644 | Cross-site Scripting vulnerability in Microfocus Solutions Business Manager Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | 6.1 |
| 2019-03-27 | CVE-2018-19643 | Information Exposure vulnerability in Microfocus Solutions Business Manager Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | 7.5 |
| 2019-03-27 | CVE-2018-19642 | Improper Input Validation vulnerability in Microfocus Solutions Business Manager Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | 7.5 |
| 2019-03-27 | CVE-2018-19641 | Code Injection vulnerability in Microfocus Solutions Business Manager Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | 9.8 |
| 2019-03-25 | CVE-2019-3476 | Unspecified vulnerability in Microfocus Data Protector 10.03 Remote arbitrary code execution in Micro Focus Data Protector, version 10.03 this vulnerability could allow remote arbitrary code execution. | 9.8 |
| 2019-03-21 | CVE-2016-9166 | Permissions, Privileges, and Access Controls vulnerability in Microfocus Netiq Edirectory 9.0 NetIQ eDirectory versions prior to 9.0.2, under some circumstances, could be susceptible to downgrade of communication security. | 7.5 |
| 2019-02-20 | CVE-2019-3475 | Improper Privilege Management vulnerability in Microfocus Filr 3.0 A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. | 7.8 |