Vulnerabilities > Microfocus

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-21	CVE-2018-7687	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microfocus Client 2.0 The Micro Focus Client for OES before version 2 SP4 IR8a has a vulnerability that could allow a local attacker to elevate privileges via a buffer overflow in ncfsd.sys. local low complexity microfocus CWE-119	7.8
2018-04-24	CVE-2018-6491	Unspecified vulnerability in Microfocus Ucmdb Configuration Manager Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00. network low complexity microfocus critical	9.8
2018-03-07	CVE-2018-7675	Information Exposure vulnerability in Microfocus Sentinel In NetIQ Sentinel before 8.1.x, a Sentinel user is logged into the Sentinel Web Interface. network high complexity microfocus CWE-200	5.3
2018-03-02	CVE-2017-9285	Improper Authentication vulnerability in multiple products NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services. network low complexity netiq microfocus CWE-287 critical	9.8
2018-03-02	CVE-2017-7429	Improper Certificate Validation vulnerability in multiple products The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server. network low complexity netiq microfocus CWE-295	8.8
2018-02-22	CVE-2018-6489	XXE vulnerability in Microfocus Project and Portfolio Management Center 9.32 XML External Entity (XXE) vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. network low complexity microfocus CWE-611 critical	9.8
2018-02-22	CVE-2018-6488	Code Injection vulnerability in Microfocus Ucmdb Configuration Manager 4.10/4.11/4.12 Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. network low complexity microfocus CWE-94 critical	9.8
2018-02-20	CVE-2018-6487	Information Exposure vulnerability in Microfocus Universal Cmdb Foundation Software Remote Disclosure of Information in Micro Focus Universal CMDB Foundation Software, version numbers 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 4.10, 4.11. network low complexity microfocus CWE-200	7.5
2018-02-15	CVE-2017-8993	Cross-site Scripting vulnerability in Microfocus Project and Portfolio Management A Remote Cross-Site Scripting vulnerability in HPE Project and Portfolio Management (PPM) version v9.30, v9.31, v9.32, v9.40 was found. network low complexity microfocus CWE-79	5.4
2018-02-02	CVE-2018-6486	XXE vulnerability in Microfocus products XML External Entity (XXE) vulnerability in Micro Focus Fortify Audit Workbench (AWB) and Micro Focus Fortify Software Security Center (SSC), versions 16.10, 16.20, 17.10. network low complexity microfocus CWE-611 critical	9.8

Vulnerabilities > Microfocus {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Microfocus"}]}

Vulnerabilities > Microfocus