Vulnerabilities > Microfocus

DATE CVE VULNERABILITY TITLE RISK

2019-02-20 CVE-2019-3474 Path Traversal vulnerability in Microfocus Filr 3.0
A path traversal vulnerability in the web application component of Micro Focus Filr 3.x allows a remote attacker authenticated as a low privilege user to download arbitrary files from the Filr server.
network, low complexity, microfocus, CWE-22
Risk: 6.5

2019-02-12 CVE-2018-19645 Improper Authentication vulnerability in Microfocus Solutions Business Manager
An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.
network, low complexity, microfocus, CWE-287
Risk: critical 9.8

2019-02-11 CVE-2019-5736 OS Command Injection vulnerability in multiple products
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec.
Risk: 8.6

2018-12-13 CVE-2018-7691 Unspecified vulnerability in Microfocus Fortify Software Security Center 17.10/17.20/18.10
A potential Remote Unauthorized Access vulnerability in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10. Exploitation could allow Remote Unauthorized Access.
network, low complexity, microfocus
Risk: 6.5

2018-12-13 CVE-2018-7690 Unspecified vulnerability in Microfocus Fortify Software Security Center 17.10/17.20/18.10
A potential Remote Unauthorized Access vulnerability in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10. Exploitation could allow Remote Unauthorized Access.
network, low complexity, microfocus
Risk: 6.5

2018-12-12 CVE-2018-17952 Cross-site Scripting vulnerability in Microfocus Edirectory
Cross-site scripting vulnerability in eDirectory prior to 9.1 SP2.
network, low complexity, microfocus, CWE-79
Risk: 6.1

2018-12-12 CVE-2018-17950 Incorrect Authorization vulnerability in Microfocus Edirectory
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2.
network, low complexity, microfocus, CWE-863
Risk: 7.5

2018-12-12 CVE-2018-17949 Cross-site Scripting vulnerability in Microfocus Imanager
Cross-site scripting vulnerability in iManager prior to 3.1 SP2.
network, low complexity, microfocus, CWE-79
Risk: 6.1

2018-11-21 CVE-2009-5153 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microfocus Netware
In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM allowed remote unauthenticated attackers to execute code, because a length field was incorrectly trusted.
network, low complexity, microfocus, CWE-119
Risk: critical 9.8

2018-11-20 CVE-2018-17948 Open Redirect vulnerability in Microfocus Access Manager
An open redirect vulnerability exists in the Access Manager Identity Provider prior to 4.4 SP3.
network, low complexity, microfocus, CWE-601
Risk: 6.1