Vulnerabilities > Microfocus

DATE	CVE	VULNERABILITY TITLE	RISK
2019-03-27	CVE-2018-19641	Code Injection vulnerability in Microfocus Solutions Business Manager Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. network low complexity microfocus CWE-94 critical	9.8
2019-03-25	CVE-2019-3476	Unspecified vulnerability in Microfocus Data Protector 10.03 Remote arbitrary code execution in Micro Focus Data Protector, version 10.03 this vulnerability could allow remote arbitrary code execution. network low complexity microfocus critical	9.8
2019-03-21	CVE-2016-9166	Permissions, Privileges, and Access Controls vulnerability in Microfocus Netiq Edirectory 9.0 NetIQ eDirectory versions prior to 9.0.2, under some circumstances, could be susceptible to downgrade of communication security. network low complexity microfocus CWE-264	7.5
2019-02-20	CVE-2019-3475	Improper Privilege Management vulnerability in Microfocus Filr 3.0 A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. local low complexity microfocus CWE-269	7.8
2019-02-20	CVE-2019-3474	Path Traversal vulnerability in Microfocus Filr 3.0 A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server. network low complexity microfocus CWE-22	6.5
2019-02-12	CVE-2018-19645	Improper Authentication vulnerability in Microfocus Solutions Business Manager An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. network low complexity microfocus CWE-287 critical	9.8
2019-02-11	CVE-2019-5736	OS Command Injection vulnerability in multiple products runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. local low complexity docker linuxfoundation redhat google linuxcontainers hp netapp apache opensuse d2iq fedoraproject canonical microfocus CWE-78	8.6
2018-12-13	CVE-2018-7691	Unspecified vulnerability in Microfocus Fortify Software Security Center 17.10/17.20/18.10 A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access network low complexity microfocus	6.5
2018-12-13	CVE-2018-7690	Unspecified vulnerability in Microfocus Fortify Software Security Center 17.10/17.20/18.10 A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access network low complexity microfocus	6.5
2018-12-12	CVE-2018-17952	Cross-site Scripting vulnerability in Microfocus Edirectory Cross site scripting vulnerability in eDirectory prior to 9.1 SP2 network low complexity microfocus CWE-79	6.1

Vulnerabilities > Microfocus {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Microfocus"}]}

Vulnerabilities > Microfocus