microfocus
271 tracked vulnerabilities.
CVE-2018-12465
CRITICAL
Micro Focus SMG <471 - Command Injection
Jun 29, 2018
CVSS 9.1
EPSS 0.82
CVE-2018-12464
CRITICAL
Micro Focus Secure Messaging Gateway <471 - SQL Injection
Jun 29, 2018
CVSS 10.0
EPSS 0.76
CVE-2018-7682
MEDIUM
Micro Focus Solutions Business Manager < 11.4 - Insertion of Sensitive Information into Log File
Jun 22, 2018
CVSS 6.5
EPSS 0.00
CVE-2018-7683
HIGH
Micro Focus Solutions Business Manager < 11.4 - Sensitive Information Exposure in Server Log Files
Jun 21, 2018
CVSS 7.5
EPSS 0.00
CVE-2018-7681
MEDIUM
Micro Focus Solutions Business Manager < 11.4 - Stored Cross-Site Scripting via Favorites Folder URL
Jun 21, 2018
CVSS 4.8
EPSS 0.00
CVE-2018-7680
MEDIUM
Micro Focus Solutions Business Manager < 11.4 - Reflected Cross-Site Scripting via HTTP Header
Jun 21, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-7679
CRITICAL
Micro Focus Solutions Business Manager < 11.4 - Remote Code Execution via Unvalidated Avatar Image Upload
Jun 21, 2018
CVSS 9.8
EPSS 0.02
CVE-2018-6497
HIGH
Micro Focus CMS Server 2018.05 & Universal CMDB Server 10.20-10.33 - Unsafe Deserialization & CSRF
Jun 16, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-6496
HIGH
Micro Focus Universal CMDB Browser 4.10-4.15.1 - Unsafe Deserialization and Cross-Site Request Forgery
Jun 16, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-6495
MEDIUM
Micro Focus Universal CMDB 10.20-11.0 and CMS 4.10-4.15.1 - Cross-Site Scripting
May 23, 2018
CVSS 5.4
EPSS 0.00
CVE-2018-6494
MEDIUM
Micro Focus Service Manager 9.30-9.51 - SQL Injection
May 22, 2018
CVSS 5.4
EPSS 0.00
CVE-2018-7687
HIGH
Micro Focus Client for OES < 2 SP4 IR8a - Local Privilege Escalation via Buffer Overflow in ncfsd.sys
May 21, 2018
CVSS 7.8
EPSS 0.00
CVE-2018-6491
HIGH
Micro Focus Universal CMDB <11.0 - Privilege Escalation
Apr 24, 2018
CVSS 8.1
EPSS 0.00
CVE-2018-7675
LOW
NetIQ Sentinel < 8.1 - Exposure of Sensitive Information via Session Timeout
Mar 07, 2018
CVSS 2.8
EPSS 0.00
CVE-2018-6489
CRITICAL
Micro Focus Project and Portfolio Management Center 9.32 - XML External Entity Injection
Feb 22, 2018
CVSS 9.8
EPSS 0.00
CVE-2018-6488
HIGH
Microfocus Ucmdb Configuration Manager - Code Injection
Feb 22, 2018
CVSS 8.1
EPSS 0.01
CVE-2018-6487
CRITICAL
Micro Focus Universal CMDB Foundation Software Remote Information Disclosure
Feb 20, 2018
CVSS 9.8
EPSS 0.00
CVE-2018-6486
HIGH
Micro Focus Fortify Audit Workbench and Software Security Center 16.10, 16.20, 17.10 - XML External Entity Injection
Feb 02, 2018
CVSS 7.3
EPSS 0.00
CVE-2017-9285
MEDIUM
NetIQ eDirectory <9.0 SP4 - Privilege Escalation
Mar 02, 2018
CVSS 5.4
EPSS 0.00
CVE-2017-7429
HIGH
NetIQ eDirectory PKI plugin <8.8.8.10 - Code Injection
Mar 02, 2018
CVSS 8.8
EPSS 0.00
CVE-2017-8993
MEDIUM
HPE Project and Portfolio Management 9.30-9.40 - Cross-Site Scripting
Feb 15, 2018
CVSS 5.4
EPSS 0.00
CVE-2017-14363
MEDIUM
Micro Focus Operations Manager <10.63 - XSS
Dec 21, 2017
CVSS 5.9
EPSS 0.00
CVE-2017-14362
HIGH
Micro Focus Project and Portfolio Management Center 9.32 - Cross-Site Request Forgery
Dec 13, 2017
CVSS 7.3
EPSS 0.00
CVE-2017-14361
HIGH
Micro Focus Project and Portfolio Mgmt <9.32 - MITM
Dec 13, 2017
CVSS 7.4
EPSS 0.00
CVE-2017-14355
HIGH
HPE Connected Backup <8.8.6 - Privilege Escalation
Dec 05, 2017
CVSS 7.8
EPSS 0.00
Products
imanager 22
solutions_business_manager 17
access_manager 16
edirectory 16
service_manager 16
enterprise_developer 12
enterprise_server 12
netiq_advanced_authentication 11
application_automation_tools 9
arcsight_logger 9
arcsight_enterprise_security_manager 8
arcsight_management_center 8
operations_agent 7
operations_bridge 7
filr 6
operations_bridge_manager 6
application_performance_management 5
netiq_access_manager 5
visibroker 5
fortify_software_security_center 4
netiq_self_service_password_reset 4
operation_bridge_reporter 4
sentinel 4
service_management_automation 4
verastream_host_integrator 4
content_manager 3
data_center_automation 3
data_protector 3
dimensions_cm 3
enterprise_server_monitor_and_control 3
Quick Filters