Vulnerabilities > Microfocus

DATE | CVE | VULNERABILITY TITLE | RISK

2018-12-12 | CVE-2018-17950 | Incorrect Authorization vulnerability in Microfocus Edirectory | 7.5
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2
network, low complexity, microfocus, CWE-863

2018-12-12 | CVE-2018-17949 | Cross-site Scripting vulnerability in Microfocus Imanager | 6.1
Cross site scripting vulnerability in iManager prior to 3.1 SP2.
network, low complexity, microfocus, CWE-79

2018-11-21 | CVE-2009-5153 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microfocus Netware | 9.8 (critical)
In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM allowed remote unauthenticated attackers to execute code, because a length field was incorrectly trusted.
network, low complexity, microfocus, CWE-119

2018-11-20 | CVE-2018-17948 | Open Redirect vulnerability in Microfocus Access Manager | 6.1
An open redirect vulnerability exists in the Access Manager Identity Provider prior to 4.4 SP3.
network, low complexity, microfocus, CWE-601

2018-11-15 | CVE-2018-12480 | Cross-site Scripting vulnerability in Microfocus Access Manager | 6.1
Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3.
network, low complexity, microfocus, CWE-79

2018-11-13 | CVE-2018-18591 | Information Exposure vulnerability in Microfocus Service Manager | 6.5
A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51.
network, low complexity, microfocus, CWE-200

2018-11-07 | CVE-2018-18590 | Information Exposure vulnerability in Microfocus Operations Bridge | 8.8
A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08.
low complexity, microfocus, CWE-200

2018-10-23 | CVE-2018-18589 | Deserialization of Untrusted Data vulnerability in Microfocus Real User Monitoring | 8.8
A potential Remote Arbitrary Code Execution vulnerability has been identified in Micro Focus' Real User Monitoring software, versions 9.26IP, 9.30, 9.40 and 9.50.
network, low complexity, microfocus, CWE-502

2018-10-12 | CVE-2018-12469 | NULL Pointer Dereference vulnerability in Microfocus Enterprise Developer and Enterprise Server | 7.5
Incorrect handling of an invalid value for an HTTP request parameter by Directory Server (aka Enterprise Server Administration web UI) in Micro Focus Enterprise Developer and Enterprise Server 2.3 Update 2 and earlier, 3.0 before Patch Update 12, and 4.0 before Patch Update 2 causes a null pointer dereference (CWE-476) and subsequent denial of service due to process termination.
network, low complexity, microfocus, CWE-476

2018-09-20 | CVE-2018-6504 | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Arcsight Management Center | 8.8
A potential Cross-Site Request Forgery (CSRF) vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81.
network, low complexity, microfocus, CWE-352