Vendor CVEs
Microfocus
All CVEs
2,227 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-18944 | Med | 0.32 | 4.9 | 0.00 | Feb 26, 2021 | Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS. | ||
| CVE-2019-9488 | Med | 0.32 | 4.9 | 0.01 | Sep 11, 2019 | Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep… | ||
| CVE-2024-7428 | Med | 0.31 | — | 0.00 | Aug 23, 2024 | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in OpenText™ Network Node Manager i (NNMi) allows URL Redirector Abuse.This issue affects Network Node Manager i (NNMi): 2022.11, 2023.05, 23.4, 24.2. | ||
| CVE-2024-7427 | Med | 0.31 | — | 0.00 | Aug 23, 2024 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Network Node Manager i (NNMi) could allow Cross-Site Scripting (XSS).This issue affects Network Node Manager i (NNMi): 2022.11, 2023.05, 23.4, 24.2. | ||
| CVE-2021-22515 | Med | 0.31 | 4.8 | 0.01 | Jul 12, 2021 | Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1. | ||
| CVE-2019-18946 | Med | 0.31 | 4.8 | 0.00 | Feb 26, 2021 | Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation. | ||
| CVE-2021-22499 | Med | 0.31 | 4.8 | 0.01 | Feb 6, 2021 | Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow persistent XSS attack. | ||
| CVE-2020-25833 | Med | 0.31 | 4.8 | 0.01 | Nov 17, 2020 | Persistent cross-Site Scripting vulnerability on Micro Focus IDOL product, affecting all version prior to version 12.7. The vulnerability could be exploited to perform Persistent XSS attack. | ||
| CVE-2019-6332 | Med | 0.31 | 4.8 | 0.01 | Jan 9, 2020 | A potential security vulnerability has been identified with certain HP InkJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A -… | ||
| CVE-2019-6324 | Med | 0.31 | 4.8 | 0.01 | Jun 17, 2019 | HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an embedded web server potentially vulnerable to stored XSS in wireless configuration page | ||
| CVE-2018-12462 | Med | 0.31 | 4.8 | 0.01 | Jul 10, 2018 | NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities. | ||
| CVE-2018-7681 | Med | 0.31 | 4.8 | 0.01 | Jun 21, 2018 | Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. If the user has certain administrative privileges then this vulnerability can impact other users in the system. | ||
| CVE-2018-6492 | Med | 0.31 | 4.7 | 0.02 | May 22, 2018 | Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited… | ||
| CVE-2017-9284 | Med | 0.31 | 4.8 | 0.01 | Apr 26, 2018 | IDM 4.6 Identity Applications prior to 4.6.2.1 may expose sensitive information. | ||
| CVE-2023-1526 | Med | 0.30 | 4.6 | 0.01 | Apr 28, 2023 | Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer. | ||
| CVE-2021-39237 | Med | 0.30 | 4.6 | 0.02 | Nov 3, 2021 | Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers may be vulnerable to potential information disclosure. | ||
| CVE-2019-16285 | Med | 0.30 | 4.6 | 0.01 | Nov 22, 2019 | If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive. | ||
| CVE-2019-3485 | Med | 0.30 | 4.6 | 0.01 | Jul 24, 2019 | Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1 | ||
| CVE-2017-7437 | Med | 0.30 | 4.6 | 0.01 | Mar 5, 2018 | NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via the "type" and "account" parameters of json requests. | ||
| CVE-2017-7438 | Med | 0.30 | 4.6 | 0.01 | Mar 2, 2018 | NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via javascript DOM modification using the supplied cookie parameter. | ||
| CVE-2017-7419 | Med | 0.30 | 4.6 | 0.01 | Mar 2, 2018 | A OAuth application in NetIQ Access Manager 4.3 before 4.3.2 and 4.2 before 4.2.4 allowed cross site scripting attacks due to unescaped "description" field that could be specified by the provider. | ||
| CVE-2017-14801 | Med | 0.30 | 4.6 | 0.01 | Mar 2, 2018 | Reflected XSS in the NetIQ Access Manager before 4.3.3 allowed attackers to reflect back xss into the called page using the url parameter. | ||
| CVE-2017-14799 | Med | 0.30 | 4.6 | 0.01 | Mar 1, 2018 | A cross site scripting attack in handling the ESP login parameter handling in NetIQ Access Manager before 4.3.3 could be used to inject javascript code into the login page. | ||
| CVE-2025-71292 | Med | 0.29 | 5.5 | 0.00 | May 6, 2026 | In the Linux kernel, the following vulnerability has been resolved: jfs: nlink overflow in jfs_rename If nlink is maximal for a directory (-1) and inside that directory you perform a rename for some child directory (not moving from the parent), then the nlink of the first… | ||
| CVE-2016-4381 | Med | 0.29 | 4.5 | 0.00 | Sep 8, 2016 | HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x before 8.4.1-02, when Replication Manager (RepMgr) and Device Manager (DevMgr) are enabled, allows local users to bypass intended access restrictions via unspecified vectors. | ||
| CVE-1999-0524 | Med | 0.29 | 4.0 | 0.32 | Aug 1, 1997 | ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | ||
| CVE-2024-0967 | Med | 0.28 | 4.3 | 0.01 | Mar 1, 2024 | A potential vulnerability has been identified in OpenText / Micro Focus ArcSight Enterprise Security Manager (ESM). The vulnerability could be remotely exploited. | ||
| CVE-2023-4468 | Med | 0.28 | 4.3 | 0.00 | Dec 29, 2023 | A vulnerability was found in Poly Trio 8500, Trio 8800 and Trio C60. It has been classified as problematic. This affects an unknown part of the component Poly Lens Management Cloud Registration. The manipulation leads to missing authorization. It is possible to launch the attack… | ||
| CVE-2023-32262 | Med | 0.28 | 4.3 | 0.01 | Jul 19, 2023 | A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Item/Configure permission to access and capture credentials they are not entitled to. See the following Jenkins security advisory for… | ||
| CVE-2022-38756 | Med | 0.28 | 4.3 | 0.01 | Dec 16, 2022 | A vulnerability has been identified in Micro Focus GroupWise Web in versions prior to 18.4.2. The GW Web component makes a request to the Post Office Agent that contains sensitive information in the query parameters that could be logged by any intervening HTTP proxies. | ||
| CVE-2020-11841 | Med | 0.28 | 4.3 | 0.01 | Jun 16, 2020 | Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure. | ||
| CVE-2020-11840 | Med | 0.28 | 4.3 | 0.01 | Jun 16, 2020 | Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure. | ||
| CVE-2019-11662 | Med | 0.28 | 4.3 | 0.01 | Sep 18, 2019 | Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error… | ||
| CVE-2019-5393 | Med | 0.28 | 4.3 | 0.02 | Jun 5, 2019 | A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09. | ||
| CVE-2017-9280 | Med | 0.28 | 4.3 | 0.01 | Mar 2, 2018 | Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar. | ||
| CVE-2017-5189 | Med | 0.28 | 4.3 | 0.01 | Mar 2, 2018 | NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance. | ||
| CVE-2023-32261 | Med | 0.27 | 4.2 | 0.01 | Jul 19, 2023 | A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. See the following Jenkins security advisory for… | ||
| CVE-2022-26326 | Med | 0.26 | 4.0 | 0.00 | May 2, 2022 | Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2 | ||
| CVE-2021-22497 | Low | 0.25 | 3.8 | 0.01 | Apr 12, 2021 | Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue. | ||
| CVE-2018-7676 | Low | 0.25 | 3.9 | 0.01 | Mar 28, 2018 | The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information. | ||
| CVE-2016-4379 | Low | 0.24 | 3.7 | 0.02 | Sep 8, 2016 | The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay… | ||
| CVE-2015-6858 | Low | 0.24 | 3.7 | 0.03 | Jan 5, 2016 | HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensitive information via unspecified vectors. | ||
| CVE-2019-18947 | Low | 0.23 | 3.5 | 0.00 | Feb 26, 2021 | Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure. | ||
| CVE-2018-12461 | Low | 0.23 | 3.5 | 0.00 | Jul 10, 2018 | Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation. | ||
| CVE-2018-7678 | Low | 0.23 | 3.5 | 0.01 | Mar 14, 2018 | A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager (NAM) 4.3 and 4.4. | ||
| CVE-2018-7677 | Low | 0.23 | 3.5 | 0.01 | Mar 14, 2018 | A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component. | ||
| CVE-2017-9278 | Low | 0.22 | 3.3 | 0.01 | Mar 2, 2018 | The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS logs containing the driver authentication password, potentially disclosing this to attackers able to read the EBS tables. | ||
| CVE-2017-7434 | Low | 0.22 | 3.3 | 0.01 | Mar 2, 2018 | In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations could result in passwords being logged into exception logfiles. | ||
| CVE-2025-37164 | 0.21 | — | 0.90 | KEV | Dec 16, 2025 | A remote code execution issue exists in HPE OneView. | ||
| CVE-2023-5449 | Low | 0.21 | 3.3 | 0.00 | Oct 13, 2023 | A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor’s Theft Deterrence to be deactivated. |
- risk 0.32cvss 4.9epss 0.00
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to reflected XSS.
- risk 0.32cvss 4.9epss 0.01
Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0) are vulnerable to a XML External Entity Attack. However, for the attack to be possible, the attacker must have root/admin access to a protected host which is authorized to communicate with the Deep…
- risk 0.31cvss —epss 0.00
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in OpenText™ Network Node Manager i (NNMi) allows URL Redirector Abuse.This issue affects Network Node Manager i (NNMi): 2022.11, 2023.05, 23.4, 24.2.
- risk 0.31cvss —epss 0.00
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Network Node Manager i (NNMi) could allow Cross-Site Scripting (XSS).This issue affects Network Node Manager i (NNMi): 2022.11, 2023.05, 23.4, 24.2.
- risk 0.31cvss 4.8epss 0.01
Multi-Factor Authentication (MFA) functionality can be bypassed, allowing the use of single factor authentication in NetIQ Advanced Authentication versions prior to 6.3 SP4 Patch 1.
- risk 0.31cvss 4.8epss 0.00
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to session fixation.
- risk 0.31cvss 4.8epss 0.01
Persistent Cross-Site scripting vulnerability in Micro Focus Application Performance Management product, affecting versions 9.40, 9.50 and 9.51. The vulnerability could allow persistent XSS attack.
- risk 0.31cvss 4.8epss 0.01
Persistent cross-Site Scripting vulnerability on Micro Focus IDOL product, affecting all version prior to version 12.7. The vulnerability could be exploited to perform Persistent XSS attack.
- risk 0.31cvss 4.8epss 0.01
A potential security vulnerability has been identified with certain HP InkJet printers. The vulnerability could be exploited to allow cross-site scripting (XSS). Affected products and versions include: HP DeskJet 2600 All-in-One Printer series model numbers 4UJ28B, V1N01A -…
- risk 0.31cvss 4.8epss 0.01
HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v. 20190419), HP LaserJet Pro MFP M28-M31 Printer series (before v. 20190426) may have an embedded web server potentially vulnerable to stored XSS in wireless configuration page
- risk 0.31cvss 4.8epss 0.01
NetIQ iManager 3.1.1 addresses potential XSS vulnerabilities.
- risk 0.31cvss 4.8epss 0.01
Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder. If the user has certain administrative privileges then this vulnerability can impact other users in the system.
- risk 0.31cvss 4.7epss 0.02
Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited…
- risk 0.31cvss 4.8epss 0.01
IDM 4.6 Identity Applications prior to 4.6.2.1 may expose sensitive information.
- risk 0.30cvss 4.6epss 0.01
Certain DesignJet and PageWide XL TAA compliant models may have risk of potential information disclosure if the hard disk drive is physically removed from the printer.
- risk 0.30cvss 4.6epss 0.02
Certain HP LaserJet, HP LaserJet Managed, HP PageWide, and HP PageWide Managed printers may be vulnerable to potential information disclosure.
- risk 0.30cvss 4.6epss 0.01
If a local user has been configured and logged in, an unauthenticated attacker with physical access may be able to extract sensitive information onto a local drive.
- risk 0.30cvss 4.6epss 0.01
Mitigates a stored cross site scripting issue in ArcSight Logger versions prior to 6.7.1
- risk 0.30cvss 4.6epss 0.01
NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via the "type" and "account" parameters of json requests.
- risk 0.30cvss 4.6epss 0.01
NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross site scripting attacks via javascript DOM modification using the supplied cookie parameter.
- risk 0.30cvss 4.6epss 0.01
A OAuth application in NetIQ Access Manager 4.3 before 4.3.2 and 4.2 before 4.2.4 allowed cross site scripting attacks due to unescaped "description" field that could be specified by the provider.
- risk 0.30cvss 4.6epss 0.01
Reflected XSS in the NetIQ Access Manager before 4.3.3 allowed attackers to reflect back xss into the called page using the url parameter.
- risk 0.30cvss 4.6epss 0.01
A cross site scripting attack in handling the ESP login parameter handling in NetIQ Access Manager before 4.3.3 could be used to inject javascript code into the login page.
- risk 0.29cvss 5.5epss 0.00
In the Linux kernel, the following vulnerability has been resolved: jfs: nlink overflow in jfs_rename If nlink is maximal for a directory (-1) and inside that directory you perform a rename for some child directory (not moving from the parent), then the nlink of the first…
- risk 0.29cvss 4.5epss 0.00
HPE XP7 Command View Advanced Edition (CVAE) Suite 6.x through 8.x before 8.4.1-02, when Replication Manager (RepMgr) and Device Manager (DevMgr) are enabled, allows local users to bypass intended access restrictions via unspecified vectors.
- risk 0.29cvss 4.0epss 0.32
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts.
- risk 0.28cvss 4.3epss 0.01
A potential vulnerability has been identified in OpenText / Micro Focus ArcSight Enterprise Security Manager (ESM). The vulnerability could be remotely exploited.
- risk 0.28cvss 4.3epss 0.00
A vulnerability was found in Poly Trio 8500, Trio 8800 and Trio C60. It has been classified as problematic. This affects an unknown part of the component Poly Lens Management Cloud Registration. The manipulation leads to missing authorization. It is possible to launch the attack…
- risk 0.28cvss 4.3epss 0.01
A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Item/Configure permission to access and capture credentials they are not entitled to. See the following Jenkins security advisory for…
- risk 0.28cvss 4.3epss 0.01
A vulnerability has been identified in Micro Focus GroupWise Web in versions prior to 18.4.2. The GW Web component makes a request to the Post Office Agent that contains sensitive information in the query parameters that could be logged by any intervening HTTP proxies.
- risk 0.28cvss 4.3epss 0.01
Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure.
- risk 0.28cvss 4.3epss 0.01
Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploited resulting unauthorized information disclosure.
- risk 0.28cvss 4.3epss 0.01
Class and method names in error message in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. This vulnerability could be exploited in some special cases to allow information exposure through an error…
- risk 0.28cvss 4.3epss 0.02
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
- risk 0.28cvss 4.3epss 0.01
Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar.
- risk 0.28cvss 4.3epss 0.01
NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance.
- risk 0.27cvss 4.2epss 0.01
A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. See the following Jenkins security advisory for…
- risk 0.26cvss 4.0epss 0.00
Potential open redirection vulnerability when URL is crafted in specific format in NetIQ Access Manager prior to 5.0.2
- risk 0.25cvss 3.8epss 0.01
Advanced Authentication versions prior to 6.3 SP4 have a potential broken authentication due to improper session management issue.
- risk 0.25cvss 3.9epss 0.01
The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information.
- risk 0.24cvss 3.7epss 0.02
The TLS implementation in HPE Integrated Lights-Out 3 (aka iLO3) firmware before 1.88 does not properly use a MAC protection mechanism in conjunction with CBC padding, which allows remote attackers to obtain sensitive information via a padding-oracle attack, aka a Vaudenay…
- risk 0.24cvss 3.7epss 0.03
HP Insight Control server provisioning before 7.5.0 RabbitMQ allows remote attackers to obtain sensitive information via unspecified vectors.
- risk 0.23cvss 3.5epss 0.00
Micro Focus Solutions Business Manager Application Repository versions prior to 11.7.1 are vulnerable to information disclosure.
- risk 0.23cvss 3.5epss 0.00
Fixed issues with NetIQ eDirectory prior to 9.1.1 when checking certificate revocation.
- risk 0.23cvss 3.5epss 0.01
A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager (NAM) 4.3 and 4.4.
- risk 0.23cvss 3.5epss 0.01
A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component.
- risk 0.22cvss 3.3epss 0.01
The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS logs containing the driver authentication password, potentially disclosing this to attackers able to read the EBS tables.
- risk 0.22cvss 3.3epss 0.01
In the JDBC driver of NetIQ Identity Manager before 4.6 sending out incorrect XML configurations could result in passwords being logged into exception logfiles.
- risk 0.21cvss —epss 0.90
A remote code execution issue exists in HPE OneView.
- risk 0.21cvss 3.3epss 0.00
A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor’s Theft Deterrence to be deactivated.
Page 16 of 45