Vulnerabilities > Microfocus > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-19 | CVE-2021-22498 | XXE vulnerability in Microfocus Application Lifecycle Management XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. | 8.1 |
| 2020-11-05 | CVE-2020-25837 | Unspecified vulnerability in Microfocus Self Service Password Reset Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. | 7.5 |
| 2020-10-27 | CVE-2020-11858 | Unspecified vulnerability in Microfocus Operations Bridge and Operations Bridge Manager Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). | 7.8 |
| 2020-10-22 | CVE-2020-11853 | Arbitrary code execution vulnerability affecting multiple Micro Focus products. | 8.8 |
| 2020-09-22 | CVE-2020-11855 | Incorrect Permission Assignment for Critical Resource vulnerability in Microfocus Operation Bridge Reporter An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. | 7.8 |
| 2020-09-18 | CVE-2020-11861 | Unspecified vulnerability in Microfocus Operations Agent Unauthorized escalation of local privileges vulnerability on Micro Focus Operation Agent, affecting all versions prior to versions 12.11. | 7.8 |
| 2020-08-19 | CVE-2020-11848 | Unspecified vulnerability in Microfocus Arcsight Management Center Denial of service vulnerability on Micro Focus ArcSight Management Center. | 7.5 |
| 2020-08-07 | CVE-2020-11852 | OS Command Injection vulnerability in Microfocus Secure Messaging Gateway 471 DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). | 8.8 |
| 2020-05-04 | CVE-2020-11842 | Unspecified vulnerability in Microfocus Verastream Host Integrator Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49). | 7.5 |
| 2020-04-17 | CVE-2020-9523 | Insufficiently Protected Credentials vulnerability in Microfocus Enterprise Developer Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterprise server, affecting all version prior to 4.0 Patch Update 16, and version 5.0 Patch Update 6. | 8.8 |