Vulnerabilities > Microfocus > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-23 | CVE-2019-11654 | Path Traversal vulnerability in Microfocus Verastream Host Integrator 7.5/7.6/7.7 Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files. | 7.5 |
| 2019-06-03 | CVE-2019-11646 | Unspecified vulnerability in Microfocus Service Manager Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. | 8.8 |
| 2019-05-09 | CVE-2016-1600 | Information Exposure vulnerability in Microfocus Identity Manager The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability. | 7.5 |
| 2019-04-29 | CVE-2019-3493 | Unspecified vulnerability in Microfocus Network Automation and Network Operations Management A potential security vulnerability has been identified in Micro Focus Network Automation Software 9.20, 9.21, 10.00, 10.10, 10.20, 10.30, 10.40, 10.50, 2018.05, 2018.08, 2018.11, and Micro Focus Network Operations Management (NOM) all versions. | 8.8 |
| 2019-04-01 | CVE-2019-3489 | Unrestricted Upload of File with Dangerous Type vulnerability in Microfocus Content Manager An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. | 7.5 |
| 2019-03-27 | CVE-2018-19643 | Information Exposure vulnerability in Microfocus Solutions Business Manager Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | 7.5 |
| 2019-03-27 | CVE-2018-19642 | Improper Input Validation vulnerability in Microfocus Solutions Business Manager Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | 7.5 |
| 2019-03-21 | CVE-2016-9166 | Permissions, Privileges, and Access Controls vulnerability in Microfocus Netiq Edirectory 9.0 NetIQ eDirectory versions prior to 9.0.2, under some circumstances, could be susceptible to downgrade of communication security. | 7.5 |
| 2019-02-20 | CVE-2019-3475 | Improper Privilege Management vulnerability in Microfocus Filr 3.0 A local privilege escalation vulnerability in the famtd component of Micro Focus Filr 3.0 allows a local attacker authenticated as a low privilege user to escalate to root. | 7.8 |
| 2019-02-11 | CVE-2019-5736 | OS Command Injection vulnerability in multiple products runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec. local low complexity docker linuxfoundation redhat google linuxcontainers hp netapp apache opensuse d2iq fedoraproject canonical microfocus CWE-78 | 8.6 |