Vendor CVEs
Microfocus
All CVEs
2,209 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-11989 | Med | 0.38 | 5.9 | 0.02 | Jul 19, 2019 | A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module ) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for… | ||
| CVE-2019-11650 | Med | 0.38 | 5.9 | 0.01 | Jul 10, 2019 | A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0. | ||
| CVE-2019-5392 | Med | 0.38 | 5.3 | 0.07 | Jun 5, 2019 | A disclosure of information vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | ||
| CVE-2018-1345 | Med | 0.38 | 5.9 | 0.01 | Mar 21, 2018 | NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack. | ||
| CVE-2017-14363 | Med | 0.38 | 5.9 | 0.01 | Dec 21, 2017 | Cross-Site Scripting (XSS) vulnerability has been identified in Micro Focus Operations Manager i, versions 10.60, 10.61, 10.62. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). | ||
| CVE-2016-1596 | Med | 0.38 | 5.4 | 0.02 | Apr 22, 2016 | Multiple cross-site scripting (XSS) vulnerabilities in Micro Focus Novell Service Desk before 7.2 allow remote authenticated users to inject arbitrary web script or HTML via a certain (1) user name, (2) tf_aClientFirstName, (3) tf_aClientLastName, (4) ta_selectedTopicContent,… | ||
| CVE-2016-1987 | Med | 0.38 | 5.9 | 0.02 | Feb 18, 2016 | HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configuration is enabled, allows remote attackers to cause a denial of service via unspecified UDP packets. | ||
| CVE-2025-8997 | Med | 0.37 | — | 0.00 | Aug 25, 2025 | An Information Exposure vulnerability has been identified in OpenText Enterprise Security Manager. The vulnerability could be remotely exploited. | ||
| CVE-2020-6923 | Med | 0.37 | 5.7 | 0.00 | Dec 19, 2024 | The HP Linux Imaging and Printing (HPLIP) software may potentially be affected by memory buffer overflow. | ||
| CVE-2024-1695 | Med | 0.37 | 5.7 | 0.00 | May 6, 2024 | A potential security vulnerability has been identified in the HP Application Enabling Software Driver for certain HP PC products, which might allow escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability. | ||
| CVE-2012-1994 | Med | 0.37 | 5.7 | 0.01 | Feb 10, 2020 | HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information | ||
| CVE-2026-3291 | Med | 0.36 | 5.5 | 0.00 | May 6, 2026 | Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities. | ||
| CVE-2024-51765 | Med | 0.36 | 5.5 | 0.00 | Nov 15, 2024 | A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS). Depending on configuration, this vulnerability may lead to local/cluster unauthorized access. | ||
| CVE-2022-31643 | Med | 0.36 | 5.5 | 0.00 | Apr 28, 2023 | A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing firmware updates to mitigate the potential vulnerability. | ||
| CVE-2022-1602 | Med | 0.36 | 5.5 | 0.00 | Sep 13, 2022 | A potential security vulnerability has been identified in HP ThinPro 7.2 Service Pack 8 (SP8). The security vulnerability in SP8 is not remedied after upgrading from SP8 to Service Pack 9 (SP9). HP has released Service Pack 10 (SP10) to remediate the potential vulnerability… | ||
| CVE-2022-23958 | Med | 0.36 | 5.5 | 0.00 | Mar 2, 2022 | Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | ||
| CVE-2022-23957 | Med | 0.36 | 5.5 | 0.00 | Mar 2, 2022 | Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | ||
| CVE-2022-23955 | Med | 0.36 | 5.5 | 0.00 | Mar 2, 2022 | Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | ||
| CVE-2022-23954 | Med | 0.36 | 5.5 | 0.00 | Mar 2, 2022 | Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | ||
| CVE-2022-23956 | Med | 0.36 | 5.5 | 0.00 | Mar 2, 2022 | Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | ||
| CVE-2022-23953 | Med | 0.36 | 5.5 | 0.00 | Mar 2, 2022 | Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service. | ||
| CVE-2020-6920 | Med | 0.36 | 5.5 | 0.01 | Feb 16, 2022 | Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | ||
| CVE-2022-23456 | Med | 0.36 | 5.5 | 0.00 | Jan 28, 2022 | Potential arbitrary file deletion vulnerability has been identified in HP Support Assistant software. | ||
| CVE-2021-22525 | Med | 0.36 | 5.5 | 0.00 | Sep 2, 2021 | This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1 | ||
| CVE-2019-18942 | Med | 0.36 | 5.5 | 0.00 | Feb 26, 2021 | Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding. | ||
| CVE-2018-7115 | Med | 0.36 | 5.3 | 0.13 | Dec 3, 2018 | HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions. | ||
| CVE-2018-7112 | Med | 0.36 | 5.5 | 0.01 | Dec 3, 2018 | The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system… | ||
| CVE-2016-5749 | Med | 0.36 | 5.5 | 0.00 | Mar 23, 2017 | NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML External Entity (XXE) attack. | ||
| CVE-2016-5748 | Med | 0.36 | 5.5 | 0.00 | Mar 23, 2017 | External Entity Processing (XXE) vulnerability in the "risk score" application of NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to disclose the content of local files to logged-in users. | ||
| CVE-2016-2023 | Med | 0.36 | 5.5 | 0.00 | May 30, 2016 | HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors. | ||
| CVE-2016-2016 | Med | 0.36 | 5.5 | 0.00 | May 14, 2016 | Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and… | ||
| CVE-2022-38755 | Med | 0.35 | 5.3 | 0.01 | Nov 21, 2022 | A vulnerability has been identified in Micro Focus Filr in versions prior to 4.3.1.1. The vulnerability could be exploited to allow a remote unauthenticated attacker to enumerate valid users of the system. Remote unauthenticated user enumeration. This issue affects: Micro Focus… | ||
| CVE-2021-22524 | Med | 0.35 | 5.4 | 0.01 | Sep 13, 2021 | Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4 | ||
| CVE-2020-25832 | Med | 0.35 | 5.4 | 0.01 | Nov 17, 2020 | Reflected Cross Site scripting vulnerability on Micro Focus Filr product, affecting version 4.2.1. The vulnerability could be exploited to perform Reflected XSS attack. | ||
| CVE-2020-25834 | Med | 0.35 | 5.4 | 0.01 | Nov 17, 2020 | Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS). | ||
| CVE-2020-11838 | Med | 0.35 | 5.4 | 0.01 | Jun 16, 2020 | Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure. | ||
| CVE-2020-9524 | Med | 0.35 | 5.4 | 0.01 | May 18, 2020 | Cross Site scripting vulnerability on Micro Focus Enterprise Server and Enterprise developer, affecting all versions prior to version 5.0 Patch Update 8. The vulnerability could allow an attacker to trigger administrative actions when an administrator viewed malicious data left… | ||
| CVE-2020-9520 | Med | 0.35 | 5.4 | 0.01 | Mar 25, 2020 | A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker… | ||
| CVE-2020-9518 | Med | 0.35 | 5.3 | 0.01 | Mar 16, 2020 | Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data. | ||
| CVE-2020-9519 | Med | 0.35 | 5.3 | 0.01 | Mar 16, 2020 | HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data. | ||
| CVE-2020-9517 | Med | 0.35 | 5.4 | 0.00 | Mar 9, 2020 | There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks. | ||
| CVE-2019-11656 | Med | 0.35 | 5.4 | 0.01 | Oct 4, 2019 | Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. This vulnerability could allow Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'). | ||
| CVE-2019-5398 | Med | 0.35 | 5.4 | 0.01 | Aug 9, 2019 | A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1. | ||
| CVE-2019-4131 | Med | 0.35 | 5.3 | 0.02 | Jul 11, 2019 | IBM Application Performance Management (IBM Monitoring 8.1.4) could allow a remote attacker to induce the application to perform server-side DNS lookups of arbitrary domain names. IBM X-Force ID: 158270. | ||
| CVE-2019-11649 | Med | 0.35 | 5.4 | 0.01 | Jun 19, 2019 | Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server, versions 17.2, 18.1, 18.2, has been identified in Micro Focus Software Security Center. The vulnerability could be exploited to execute JavaScript code in user’s browser. The… | ||
| CVE-2018-7122 | Med | 0.35 | 5.3 | 0.02 | Jun 5, 2019 | A remote disclosure of information vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | ||
| CVE-2016-4392 | Med | 0.35 | 5.4 | 0.01 | Aug 6, 2018 | A remote cross site scripting vulnerability has been identified in HP Business Service Management software v9.1x, v9.20 - v9.25IP1. | ||
| CVE-2018-9024 | Med | 0.35 | 5.3 | 0.01 | Jun 18, 2018 | An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file. | ||
| CVE-2018-6495 | Med | 0.35 | 5.4 | 0.01 | May 23, 2018 | Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be… | ||
| CVE-2018-6494 | Med | 0.35 | 5.4 | 0.01 | May 22, 2018 | Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data. |
- risk 0.38cvss 5.9epss 0.02
A security vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module ) could be exploited remotely to cause a denial of service. The versions and platforms of Agent Option modules that are impacted are as follows: 10.0 for Apache 2.2 on RHEL 5 and 6, 10.0 for…
- risk 0.38cvss 5.9epss 0.01
A potential Man in the Middle attack (MITM) was found in NetIQ Advanced Authentication Framework versions prior to 6.0.
- risk 0.38cvss 5.3epss 0.07
A disclosure of information vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
- risk 0.38cvss 5.9epss 0.01
NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack.
- risk 0.38cvss 5.9epss 0.01
Cross-Site Scripting (XSS) vulnerability has been identified in Micro Focus Operations Manager i, versions 10.60, 10.61, 10.62. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS).
- risk 0.38cvss 5.4epss 0.02
Multiple cross-site scripting (XSS) vulnerabilities in Micro Focus Novell Service Desk before 7.2 allow remote authenticated users to inject arbitrary web script or HTML via a certain (1) user name, (2) tf_aClientFirstName, (3) tf_aClientLastName, (4) ta_selectedTopicContent,…
- risk 0.38cvss 5.9epss 0.02
HPE IPFilter A.11.31.18.21 on HP-UX, when a certain keep-state configuration is enabled, allows remote attackers to cause a denial of service via unspecified UDP packets.
- risk 0.37cvss —epss 0.00
An Information Exposure vulnerability has been identified in OpenText Enterprise Security Manager. The vulnerability could be remotely exploited.
- risk 0.37cvss 5.7epss 0.00
The HP Linux Imaging and Printing (HPLIP) software may potentially be affected by memory buffer overflow.
- risk 0.37cvss 5.7epss 0.00
A potential security vulnerability has been identified in the HP Application Enabling Software Driver for certain HP PC products, which might allow escalation of privilege. HP is releasing software updates to mitigate this potential vulnerability.
- risk 0.37cvss 5.7epss 0.01
HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information
- risk 0.36cvss 5.5epss 0.00
Samsung Print Service Plugin for Android is potentially vulnerable to information disclosure when using an outdated version of the application via mobile devices. HP is releasing updates to mitigate these potential vulnerabilities.
- risk 0.36cvss 5.5epss 0.00
A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS). Depending on configuration, this vulnerability may lead to local/cluster unauthorized access.
- risk 0.36cvss 5.5epss 0.00
A potential security vulnerability has been identified in the system BIOS for certain HP PC products which may allow loss of integrity. HP is releasing firmware updates to mitigate the potential vulnerability.
- risk 0.36cvss 5.5epss 0.00
A potential security vulnerability has been identified in HP ThinPro 7.2 Service Pack 8 (SP8). The security vulnerability in SP8 is not remedied after upgrading from SP8 to Service Pack 9 (SP9). HP has released Service Pack 10 (SP10) to remediate the potential vulnerability…
- risk 0.36cvss 5.5epss 0.00
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
- risk 0.36cvss 5.5epss 0.00
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
- risk 0.36cvss 5.5epss 0.00
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
- risk 0.36cvss 5.5epss 0.00
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
- risk 0.36cvss 5.5epss 0.00
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
- risk 0.36cvss 5.5epss 0.00
Potential vulnerabilities have been identified in the BIOS for some HP PC products which may allow denial of service.
- risk 0.36cvss 5.5epss 0.01
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.
- risk 0.36cvss 5.5epss 0.00
Potential arbitrary file deletion vulnerability has been identified in HP Support Assistant software.
- risk 0.36cvss 5.5epss 0.00
This release addresses a potential information leakage vulnerability in NetIQ Access Manager versions prior to 5.0.1
- risk 0.36cvss 5.5epss 0.00
Micro Focus Solutions Business Manager versions prior to 11.7.1 are vulnerable to stored XSS. The application reflects previously stored user input without encoding.
- risk 0.36cvss 5.3epss 0.13
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to a remote buffer overflow in dbman.exe opcode 10001 on Windows. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
- risk 0.36cvss 5.5epss 0.01
The HPE-provided Windows firmware installer for certain Gen9, Gen8, G7,and G6 HPE servers allows local disclosure of privileged information. This issue was resolved in previously provided firmware updates as follows. The HPE Windows firmware installer was updated in the system…
- risk 0.36cvss 5.5epss 0.00
NetIQ Access Manager 4.1 before 4.1.2 HF 1 and 4.2 before 4.2.2 was parsing incoming SAML requests with external entity resolution enabled, which could lead to local file disclosure via an XML External Entity (XXE) attack.
- risk 0.36cvss 5.5epss 0.00
External Entity Processing (XXE) vulnerability in the "risk score" application of NetIQ Access Manager 4.1 before 4.1.2 Hot Fix 1 and 4.2 before 4.2.2 could be used to disclose the content of local files to logged-in users.
- risk 0.36cvss 5.5epss 0.00
HPE RESTful Interface Tool 1.40 allows local users to obtain sensitive information via unspecified vectors.
- risk 0.36cvss 5.5epss 0.00
Base-VxFS-50 B.05.00.01 through B.05.00.02, Base-VxFS-501 B.05.01.0 through B.05.01.03, and Base-VxFS-51 B.05.10.00 through B.05.10.02 on HPE HP-UX 11iv3 with VxFS 5.0, VxFS 5.0.1, and VxFS 5.1SP1 mishandles ACL inheritance for default:class: entries, default:other: entries, and…
- risk 0.35cvss 5.3epss 0.01
A vulnerability has been identified in Micro Focus Filr in versions prior to 4.3.1.1. The vulnerability could be exploited to allow a remote unauthenticated attacker to enumerate valid users of the system. Remote unauthenticated user enumeration. This issue affects: Micro Focus…
- risk 0.35cvss 5.4epss 0.01
Injection attack caused the denial of service vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4
- risk 0.35cvss 5.4epss 0.01
Reflected Cross Site scripting vulnerability on Micro Focus Filr product, affecting version 4.2.1. The vulnerability could be exploited to perform Reflected XSS attack.
- risk 0.35cvss 5.4epss 0.01
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS).
- risk 0.35cvss 5.4epss 0.01
Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS) or information disclosure.
- risk 0.35cvss 5.4epss 0.01
Cross Site scripting vulnerability on Micro Focus Enterprise Server and Enterprise developer, affecting all versions prior to version 5.0 Patch Update 8. The vulnerability could allow an attacker to trigger administrative actions when an administrator viewed malicious data left…
- risk 0.35cvss 5.4epss 0.01
A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vibe such that when the content is viewed by another user of the system, attacker…
- risk 0.35cvss 5.3epss 0.01
Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier), affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow unauthorized access to configuration data.
- risk 0.35cvss 5.3epss 0.01
HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affecting versions 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow exposure of configuration data.
- risk 0.35cvss 5.4epss 0.00
There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks.
- risk 0.35cvss 5.4epss 0.01
Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versions prior to Logger 6.7.1 HotFix 6.7.1.8262.0. This vulnerability could allow Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').
- risk 0.35cvss 5.4epss 0.01
A remote multiple multiple cross-site vulnerability was discovered in HPE 3PAR Service Processor version(s): prior to 5.0.5.1.
- risk 0.35cvss 5.3epss 0.02
IBM Application Performance Management (IBM Monitoring 8.1.4) could allow a remote attacker to induce the application to perform server-side DNS lookups of arbitrary domain names. IBM X-Force ID: 158270.
- risk 0.35cvss 5.4epss 0.01
Cross-Site Scripting vulnerability in Micro Focus Fortify Software Security Center Server, versions 17.2, 18.1, 18.2, has been identified in Micro Focus Software Security Center. The vulnerability could be exploited to execute JavaScript code in user’s browser. The…
- risk 0.35cvss 5.3epss 0.02
A remote disclosure of information vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
- risk 0.35cvss 5.4epss 0.01
A remote cross site scripting vulnerability has been identified in HP Business Service Management software v9.1x, v9.20 - v9.25IP1.
- risk 0.35cvss 5.3epss 0.01
An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.
- risk 0.35cvss 5.4epss 0.01
Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be…
- risk 0.35cvss 5.4epss 0.01
Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data.
Page 14 of 45