Vendor CVEs
Microfocus
All CVEs
2,181 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-39455 | Hig | 0.49 | 7.5 | 0.00 | May 13, 2026 | When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. Note: Software versions which have reached End of Technical… | ||
| CVE-2025-60805 | Hig | 0.49 | 7.5 | 0.00 | Oct 28, 2025 | An issue was discovered in BESSystem BES Application Server thru 9.5.x allowing unauthorized attackers to gain sensitive information via the "pre-resource" option in bes-web.xml. | ||
| CVE-2025-43025 | Hig | 0.49 | 7.5 | 0.00 | Jul 2, 2025 | HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older (e.g., v7.3.x, v7.2.x, v7.1.x, etc.). | ||
| CVE-2025-2268 | Hig | 0.49 | 7.5 | 0.00 | Mar 14, 2025 | The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP). | ||
| CVE-2023-24466 | Hig | 0.49 | 7.5 | 0.01 | Nov 22, 2024 | Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200. | ||
| CVE-2022-26324 | Hig | 0.49 | 7.6 | 0.00 | Nov 22, 2024 | Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000. | ||
| CVE-2024-5749 | Hig | 0.49 | 7.5 | 0.01 | Oct 15, 2024 | Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP server credentials. | ||
| CVE-2024-2301 | Hig | 0.49 | 7.6 | 0.00 | May 23, 2024 | Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting (XSS) attack via the web management interface of the device. | ||
| CVE-2024-1869 | Hig | 0.49 | 7.5 | 0.02 | Mar 1, 2024 | Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220. | ||
| CVE-2023-6123 | Hig | 0.49 | 7.5 | 0.01 | Feb 15, 2024 | Improper Neutralization vulnerability affects OpenText ALM Octane version 16.2.100 and above. The vulnerability could result in a remote code execution attack. | ||
| CVE-2023-4694 | Hig | 0.49 | 7.5 | 0.01 | Dec 14, 2023 | Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when sending a SOAP message to the service on TCP port 3911 that contains a body but no header. | ||
| CVE-2023-4499 | Hig | 0.49 | 7.5 | 0.01 | Oct 13, 2023 | A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability. | ||
| CVE-2023-1707 | Hig | 0.49 | 7.5 | 0.01 | Jun 13, 2023 | Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6. | ||
| CVE-2022-2794 | Hig | 0.49 | 7.5 | 0.01 | Dec 12, 2022 | Certain HP PageWide Pro Printers may be vulnerable to a potential denial of service attack. | ||
| CVE-2022-24291 | Hig | 0.49 | 7.5 | 0.04 | Mar 23, 2022 | Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. | ||
| CVE-2021-3965 | Hig | 0.49 | 7.5 | 0.05 | Jan 14, 2022 | Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews. | ||
| CVE-2021-3704 | Hig | 0.49 | 7.5 | 0.01 | Nov 1, 2021 | Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow a Denial of Service on the device. | ||
| CVE-2021-22523 | Hig | 0.49 | 7.6 | 0.01 | Jul 22, 2021 | XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions. | ||
| CVE-2021-22516 | Hig | 0.49 | 7.5 | 0.01 | Jun 4, 2021 | Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file. | ||
| CVE-2021-22496 | Hig | 0.49 | 7.5 | 0.01 | Mar 25, 2021 | Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. The vulnerability could cause information leakage. | ||
| CVE-2020-25837 | Hig | 0.49 | 7.5 | 0.01 | Nov 5, 2020 | Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. The vulnerability affects versions 4.4.0.0 to 4.4.0.6 and 4.5.0.1 and 4.5.0.2. In certain configurations the vulnerability could disclose sensitive information. | ||
| CVE-2020-11158 | Hig | 0.49 | 7.5 | 0.01 | Sep 8, 2020 | u'Null pointer dereference in HP OfficeJet Pro 8210 jbig2 filter due to lack of check of PDF font array leads to denial of service' in IPS PDF releases prior to IPS System 2020.2 | ||
| CVE-2020-11848 | Hig | 0.49 | 7.5 | 0.01 | Aug 19, 2020 | Denial of service vulnerability on Micro Focus ArcSight Management Center. Affecting all versions prior to version 2.9.5. The vulnerability could cause the server to become unavailable, causing a denial of service. | ||
| CVE-2020-11842 | Hig | 0.49 | 7.5 | 0.01 | May 4, 2020 | Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49). The vulnerability allows an unauthenticated attackers to view information they may not have been authorized to view. | ||
| CVE-2015-2802 | Hig | 0.49 | 7.5 | 0.06 | Feb 4, 2020 | An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive… | ||
| CVE-2019-17087 | Hig | 0.49 | 7.5 | 0.01 | Dec 11, 2019 | Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under. | ||
| CVE-2019-11665 | Hig | 0.49 | 7.5 | 0.01 | Sep 17, 2019 | Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure. | ||
| CVE-2019-11667 | Hig | 0.49 | 7.5 | 0.01 | Sep 17, 2019 | Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data. | ||
| CVE-2019-11669 | Hig | 0.49 | 7.5 | 0.01 | Sep 10, 2019 | Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data. | ||
| CVE-2019-11668 | Hig | 0.49 | 7.5 | 0.01 | Sep 10, 2019 | HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service… | ||
| CVE-2019-11654 | Hig | 0.49 | 7.5 | 0.03 | Aug 23, 2019 | Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files. | ||
| CVE-2019-11648 | Hig | 0.49 | 7.5 | 0.01 | Jun 24, 2019 | An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information. | ||
| CVE-2016-1600 | Hig | 0.49 | 7.5 | 0.01 | May 9, 2019 | The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability. | ||
| CVE-2019-3489 | Hig | 0.49 | 7.5 | 0.02 | Apr 1, 2019 | An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. The vulnerability could be exploited by an unauthenticated remote attacker to… | ||
| CVE-2017-2748 | Hig | 0.49 | 7.5 | 0.02 | Mar 27, 2019 | A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue. | ||
| CVE-2018-12469 | Hig | 0.49 | 7.5 | 0.01 | Oct 12, 2018 | Incorrect handling of an invalid value for an HTTP request parameter by Directory Server (aka Enterprise Server Administration web UI) in Micro Focus Enterprise Developer and Enterprise Server 2.3 Update 2 and earlier, 3.0 before Patch Update 12, and 4.0 before Patch Update 2… | ||
| CVE-2018-6505 | Hig | 0.49 | 7.5 | 0.03 | Sep 20, 2018 | A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Unauthenticated File Downloads. | ||
| CVE-2018-6500 | Hig | 0.49 | 7.5 | 0.04 | Sep 20, 2018 | A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal. | ||
| CVE-2018-7686 | Hig | 0.49 | 7.5 | 0.01 | Aug 9, 2018 | Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage. | ||
| CVE-2018-7683 | Hig | 0.49 | 7.5 | 0.01 | Jun 21, 2018 | Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files. | ||
| CVE-2018-9028 | Hig | 0.49 | 7.5 | 0.01 | Jun 18, 2018 | Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking. | ||
| CVE-2018-9026 | Hig | 0.49 | 7.5 | 0.01 | Jun 18, 2018 | A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request. | ||
| CVE-2018-9025 | Hig | 0.49 | 7.5 | 0.01 | Jun 18, 2018 | An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input. | ||
| CVE-2017-7425 | Hig | 0.49 | 7.6 | 0.01 | Nov 6, 2017 | Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2. | ||
| CVE-2017-9272 | Hig | 0.49 | 7.5 | 0.01 | Oct 6, 2017 | The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to a denial of service attack. | ||
| CVE-2017-9281 | Hig | 0.49 | 7.5 | 0.01 | Sep 21, 2017 | An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service. | ||
| CVE-2015-5436 | Hig | 0.49 | 7.5 | 0.02 | May 11, 2017 | A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in… | ||
| CVE-2017-5186 | Hig | 0.49 | 7.5 | 0.01 | Apr 27, 2017 | Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate. | ||
| CVE-2017-5185 | Hig | 0.49 | 7.5 | 0.02 | Mar 30, 2017 | A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow remote denial of service. | ||
| CVE-2016-5754 | Hig | 0.49 | 7.5 | 0.01 | Mar 23, 2017 | Presence of a .htaccess file could leak information in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before SP2. |
- risk 0.49cvss 7.5epss 0.00
When the BIG-IP Configuration utility is configured to use Lightweight Directory Access Protocol (LDAP) authentication, undisclosed traffic can cause the httpd process to exhaust the available file descriptors. Note: Software versions which have reached End of Technical…
- risk 0.49cvss 7.5epss 0.00
An issue was discovered in BESSystem BES Application Server thru 9.5.x allowing unauthorized attackers to gain sensitive information via the "pre-resource" option in bes-web.xml.
- risk 0.49cvss 7.5epss 0.00
HP Universal Print Driver is potentially vulnerable to denial of service due to buffer overflow in versions of UPD 7.4 or older (e.g., v7.3.x, v7.2.x, v7.1.x, etc.).
- risk 0.49cvss 7.5epss 0.00
The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP).
- risk 0.49cvss 7.5epss 0.01
Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200.
- risk 0.49cvss 7.6epss 0.00
Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000.
- risk 0.49cvss 7.5epss 0.01
Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP server credentials.
- risk 0.49cvss 7.6epss 0.00
Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting (XSS) attack via the web management interface of the device.
- risk 0.49cvss 7.5epss 0.02
Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220.
- risk 0.49cvss 7.5epss 0.01
Improper Neutralization vulnerability affects OpenText ALM Octane version 16.2.100 and above. The vulnerability could result in a remote code execution attack.
- risk 0.49cvss 7.5epss 0.01
Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when sending a SOAP message to the service on TCP port 3911 that contains a body but no header.
- risk 0.49cvss 7.5epss 0.01
A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability.
- risk 0.49cvss 7.5epss 0.01
Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version 5.6.
- risk 0.49cvss 7.5epss 0.01
Certain HP PageWide Pro Printers may be vulnerable to a potential denial of service attack.
- risk 0.49cvss 7.5epss 0.04
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
- risk 0.49cvss 7.5epss 0.05
Certain HP DesignJet products may be vulnerable to unauthenticated HTTP requests which allow viewing and downloading of print job previews.
- risk 0.49cvss 7.5epss 0.01
Potential security vulnerabilities have been discovered on a certain HP LaserJet Pro printer that may allow a Denial of Service on the device.
- risk 0.49cvss 7.6epss 0.01
XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions.
- risk 0.49cvss 7.5epss 0.01
Insertion of Sensitive Information into Log File vulnerability in Micro Focus Secure API Manager (SAPIM) product, affecting version 2.0.0. The vulnerability could lead to sensitive information being in a log file.
- risk 0.49cvss 7.5epss 0.01
Authentication Bypass Vulnerability in Micro Focus Access Manager Product, affects all version prior to version 4.5.3.3. The vulnerability could cause information leakage.
- risk 0.49cvss 7.5epss 0.01
Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. The vulnerability affects versions 4.4.0.0 to 4.4.0.6 and 4.5.0.1 and 4.5.0.2. In certain configurations the vulnerability could disclose sensitive information.
- risk 0.49cvss 7.5epss 0.01
u'Null pointer dereference in HP OfficeJet Pro 8210 jbig2 filter due to lack of check of PDF font array leads to denial of service' in IPS PDF releases prior to IPS System 2020.2
- risk 0.49cvss 7.5epss 0.01
Denial of service vulnerability on Micro Focus ArcSight Management Center. Affecting all versions prior to version 2.9.5. The vulnerability could cause the server to become unavailable, causing a denial of service.
- risk 0.49cvss 7.5epss 0.01
Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49). The vulnerability allows an unauthenticated attackers to view information they may not have been authorized to view.
- risk 0.49cvss 7.5epss 0.06
An Information Disclosure vulnerability exists in HP SiteScope 11.2 and 11.3 on Windows, Linux and Solaris, HP Asset Manager 9.30 through 9.32, 9.40 through 9.41, 9.50, and Asset Manager Cloudsystem Chargeback 9.40, which could let a remote malicious user obtain sensitive…
- risk 0.49cvss 7.5epss 0.01
Unauthorized file download vulnerability in all supported versions of Micro Focus AcuToWeb. The vulnerability could be exploited to enumerate and download files from the filesystem of the system running AcuToWeb, with the privileges of the account AcuToWeb is running under.
- risk 0.49cvss 7.5epss 0.01
Data exposure in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow sensitive data exposure.
- risk 0.49cvss 7.5epss 0.01
Unauthorized access to contact information in Micro Focus Service Manager, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to private data.
- risk 0.49cvss 7.5epss 0.01
Modifiable read only check box In Micro Focus Service Manager, versions 9.60p1, 9.61, 9.62. This vulnerability could be exploited to allow unauthorized modification of data.
- risk 0.49cvss 7.5epss 0.01
HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service…
- risk 0.49cvss 7.5epss 0.03
Path traversal vulnerability in Micro Focus Verastream Host Integrator (VHI), versions 7.7 SP2 and earlier, The vulnerability allows remote unauthenticated attackers to read arbitrary files.
- risk 0.49cvss 7.5epss 0.01
An information leakage exists in Micro Focus NetIQ Self Service Password Reset Software all versions prior to version 4.4. The vulnerability could be exploited to expose sensitive information.
- risk 0.49cvss 7.5epss 0.01
The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability.
- risk 0.49cvss 7.5epss 0.02
An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. The vulnerability could be exploited by an unauthenticated remote attacker to…
- risk 0.49cvss 7.5epss 0.02
A potential security vulnerability caused by the use of insecure (http) transactions during login has been identified with early versions of the Isaac Mizrahi Smartwatch mobile app. HP has no access to customer data as a result of this issue.
- risk 0.49cvss 7.5epss 0.01
Incorrect handling of an invalid value for an HTTP request parameter by Directory Server (aka Enterprise Server Administration web UI) in Micro Focus Enterprise Developer and Enterprise Server 2.3 Update 2 and earlier, 3.0 before Patch Update 12, and 4.0 before Patch Update 2…
- risk 0.49cvss 7.5epss 0.03
A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Unauthenticated File Downloads.
- risk 0.49cvss 7.5epss 0.04
A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal.
- risk 0.49cvss 7.5epss 0.01
Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage.
- risk 0.49cvss 7.5epss 0.01
Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files.
- risk 0.49cvss 7.5epss 0.01
Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.
- risk 0.49cvss 7.5epss 0.01
A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.
- risk 0.49cvss 7.5epss 0.01
An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.
- risk 0.49cvss 7.6epss 0.01
Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2.
- risk 0.49cvss 7.5epss 0.01
The Bi-directional driver in IDM 4.5 before 4.0.3.0 could be susceptible to a denial of service attack.
- risk 0.49cvss 7.5epss 0.01
An integer overflow (CWE-190) potentially causing an out-of-bounds read (CWE-125) vulnerability in Micro Focus VisiBroker 8.5 can lead to a denial of service.
- risk 0.49cvss 7.5epss 0.02
A potential security vulnerability has been identified with HP Integrated Lights-Out 4 (iLO 4) firmware version 2.11 and later, but prior to version 2.30. The vulnerability could be exploited remotely resulting in Denial of Service (DoS). Note this was originally published in…
- risk 0.49cvss 7.5epss 0.01
Novell iManager 2.7 before SP7 Patch 9, NetIQ iManager 3.x before 3.0.2.1, Novell eDirectory 8.8.x before 8.8 SP8 Patch 9 Hotfix 2, and NetIQ eDirectory 9.x before 9.0.2 Hotfix 2 (9.0.2.2) use the deprecated MD5 hashing algorithm in a communications certificate.
- risk 0.49cvss 7.5epss 0.02
A vulnerability was discovered in NetIQ Sentinel Server 8.0 before 8.0.1 that may allow remote denial of service.
- risk 0.49cvss 7.5epss 0.01
Presence of a .htaccess file could leak information in NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before SP2.
Page 10 of 44