Vendor CVEs
Microfocus
All CVEs
2,275 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-1697 | 0.00 | — | 0.00 | Apr 18, 2025 | A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for certain HP PC products with versions prior to 4.2.2439. This vulnerability could potentially allow a local attacker to escalate privileges. HP is providing software updates to… | |||
| CVE-2025-2268 | 0.00 | — | 0.00 | Mar 14, 2025 | The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP). | |||
| CVE-2025-26508 | 0.00 | — | 0.01 | Feb 14, 2025 | Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | |||
| CVE-2025-26507 | 0.00 | — | 0.01 | Feb 14, 2025 | Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | |||
| CVE-2025-26506 | 0.00 | — | 0.01 | Feb 14, 2025 | Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job. | |||
| CVE-2025-1004 | 0.00 | — | 0.00 | Feb 6, 2025 | Certain HP LaserJet Pro printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer via IPP (Internet Printing Protocol). | |||
| CVE-2021-38116 | 0.00 | — | 0.01 | Nov 22, 2024 | Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This impacts all versions before 3.2.5 | |||
| CVE-2021-38117 | 0.00 | — | 0.01 | Nov 22, 2024 | Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. | |||
| CVE-2021-38118 | 0.00 | — | 0.00 | Nov 22, 2024 | Possible improper input validation Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. | |||
| CVE-2021-38119 | 0.00 | — | 0.00 | Nov 22, 2024 | Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. | |||
| CVE-2021-38134 | 0.00 | — | 0.00 | Nov 22, 2024 | Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.5.0000. | |||
| CVE-2021-38135 | 0.00 | — | 0.00 | Nov 22, 2024 | Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000. | |||
| CVE-2022-26324 | 0.00 | — | 0.00 | Nov 22, 2024 | Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000. | |||
| CVE-2023-24466 | 0.00 | — | 0.01 | Nov 22, 2024 | Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200. | |||
| CVE-2023-24467 | 0.00 | — | 0.01 | Nov 22, 2024 | Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000. | |||
| CVE-2024-9841 | 0.00 | — | 0.00 | Nov 8, 2024 | A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited. | |||
| CVE-2024-9419 | 0.00 | — | 0.01 | Oct 30, 2024 | Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that sends a print job comprised of a malicious XPS file could… | |||
| CVE-2024-5532 | 0.00 | — | 0.00 | Oct 28, 2024 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Operations Agent. The XSS vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the… | |||
| CVE-2024-5749 | 0.00 | — | 0.01 | Oct 15, 2024 | Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP server credentials. | |||
| CVE-2024-9423 | 0.00 | — | 0.01 | Oct 2, 2024 | Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a “JPEG Unsupported” message which may not clear, potentially blocking queued print jobs. | |||
| CVE-2024-5760 | 0.00 | — | 0.00 | Sep 11, 2024 | The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018. | |||
| CVE-2024-4554 | 0.00 | — | 0.00 | Aug 28, 2024 | Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects Access Manager before 5.0.4.1 and 5.1. | |||
| CVE-2024-4555 | 0.00 | — | 0.00 | Aug 28, 2024 | Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1 | |||
| CVE-2024-4556 | 0.00 | — | 0.00 | Aug 28, 2024 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1. | |||
| CVE-2024-7720 | 0.00 | — | 0.01 | Aug 27, 2024 | HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries. | |||
| CVE-2020-11847 | 0.00 | — | 0.00 | Aug 21, 2024 | SSH authenticated user when access the PAM server can execute an OS command to gain the full system access using bash. This issue affects Privileged Access Manager before 3.7.0.1. | |||
| CVE-2020-11846 | 0.00 | — | 0.00 | Aug 21, 2024 | A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources. This issue affects Privileged Access Manager before 3.7.0.1. | |||
| CVE-2020-11850 | 0.00 | — | 0.00 | Aug 21, 2024 | Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6 | |||
| CVE-2024-41912 | 0.00 | — | 0.01 | Aug 7, 2024 | A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly implement access controls. | |||
| CVE-2024-41911 | 0.00 | — | 0.00 | Aug 6, 2024 | A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The flaw does not properly neutralize input during a web page generation. | |||
| CVE-2024-41910 | 0.00 | — | 0.00 | Aug 6, 2024 | A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware contained multiple XSS vulnerabilities in the version of JavaScript used. | |||
| CVE-2024-41913 | 0.00 | — | 0.01 | Aug 6, 2024 | A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly sanitize User input. | |||
| CVE-2022-27540 | 0.00 | — | 0.00 | Jun 28, 2024 | A potential Time-of-Check to Time-of Use (TOCTOU) vulnerability has been identified in the HP BIOS for certain HP PC products, which might allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential… | |||
| CVE-2022-37020 | 0.00 | — | 0.00 | Jun 10, 2024 | Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities. | |||
| CVE-2024-2301 | 0.00 | — | 0.00 | May 23, 2024 | Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting (XSS) attack via the web management interface of the device. | |||
| CVE-2023-52805 | 0.00 | — | 0.00 | May 21, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diAlloc Currently there is not check against the agno of the iag while allocating new inodes to avoid fragmentation problem. Added the check which is required. | |||
| CVE-2024-28893 | 0.00 | — | 0.00 | May 1, 2024 | Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages (SoftPaqs). | |||
| CVE-2023-4063 | 0.00 | — | 0.01 | Mar 22, 2024 | Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when using an improper eSCL URL GET request. | |||
| CVE-2020-11862 | 0.00 | — | 0.01 | Mar 13, 2024 | Allocation of Resources Without Limits or Throttling vulnerability in OpenText NetIQ Privileged Account Manager on Linux, Windows, 64 bit allows Flooding.This issue affects NetIQ Privileged Account Manager: before 3.7.0.2. | |||
| CVE-2023-52601 | 0.00 | — | 0.00 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in dbAdjTree Currently there is a bound check missing in the dbAdjTree while accessing the dmt_stree. To add the required check added the bool is_ctl which is required to… | |||
| CVE-2023-52599 | 0.00 | — | 0.00 | Mar 6, 2024 | In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diNewExt [Syz report] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_imap.c:2360:2 index -878706688 is out of range for type 'struct iagctl[128]' CPU: 1 PID: 5065 Comm:… | |||
| CVE-2024-1869 | 0.00 | — | 0.02 | Mar 1, 2024 | Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220. | |||
| CVE-2024-0407 | 0.00 | — | 0.00 | Feb 20, 2024 | Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to information disclosure, when connections made by the device back to services enabled by some solutions may have been trusted without the appropriate CA certificate in the device's… | |||
| CVE-2024-1470 | 0.00 | — | 0.00 | Feb 20, 2024 | Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login Extension on Windows allows Privilege Escalation, Code Injection.This issue only affects NetIQ Client Login Extension: 4.6. | |||
| CVE-2024-25123 | 0.00 | — | 0.00 | Feb 15, 2024 | MSS (Mission Support System) is an open source package designed for planning atmospheric research flights. In file: `index.py`, there is a method that is vulnerable to path manipulation attack. By modifying file paths, an attacker can acquire sensitive information from different… | |||
| CVE-2024-0622 | 0.00 | — | 0.00 | Feb 15, 2024 | Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. The vulnerability could allow local privilege escalation. | |||
| CVE-2022-48219 | 0.00 | — | 0.00 | Feb 14, 2024 | Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities. | |||
| CVE-2015-8317 | 0.00 | — | 0.06 | Dec 15, 2015 | The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read. | |||
| CVE-2015-8242 | 0.00 | — | 0.04 | Dec 15, 2015 | The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data. | |||
| CVE-2015-7500 | 0.00 | — | 0.06 | Dec 15, 2015 | The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags. |
- CVE-2025-1697Apr 18, 2025risk 0.00cvss —epss 0.00
A potential security vulnerability has been identified in the HP Touchpoint Analytics Service for certain HP PC products with versions prior to 4.2.2439. This vulnerability could potentially allow a local attacker to escalate privileges. HP is providing software updates to…
- CVE-2025-2268Mar 14, 2025risk 0.00cvss —epss 0.00
The HP LaserJet MFP M232-M237 Printer Series may be vulnerable to a denial of service attack when a specially crafted request message is sent via Internet Printing Protocol (IPP).
- CVE-2025-26508Feb 14, 2025risk 0.00cvss —epss 0.01
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
- CVE-2025-26507Feb 14, 2025risk 0.00cvss —epss 0.01
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
- CVE-2025-26506Feb 14, 2025risk 0.00cvss —epss 0.01
Certain HP LaserJet Pro, HP LaserJet Enterprise, and HP LaserJet Managed Printers may potentially be vulnerable to Remote Code Execution and Elevation of Privilege when processing a PostScript print job.
- CVE-2025-1004Feb 6, 2025risk 0.00cvss —epss 0.00
Certain HP LaserJet Pro printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer via IPP (Internet Printing Protocol).
- CVE-2021-38116Nov 22, 2024risk 0.00cvss —epss 0.01
Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This impacts all versions before 3.2.5
- CVE-2021-38117Nov 22, 2024risk 0.00cvss —epss 0.01
Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.
- CVE-2021-38118Nov 22, 2024risk 0.00cvss —epss 0.00
Possible improper input validation Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.
- CVE-2021-38119Nov 22, 2024risk 0.00cvss —epss 0.00
Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.
- CVE-2021-38134Nov 22, 2024risk 0.00cvss —epss 0.00
Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.5.0000.
- CVE-2021-38135Nov 22, 2024risk 0.00cvss —epss 0.00
Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000.
- CVE-2022-26324Nov 22, 2024risk 0.00cvss —epss 0.00
Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000.
- CVE-2023-24466Nov 22, 2024risk 0.00cvss —epss 0.01
Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200.
- CVE-2023-24467Nov 22, 2024risk 0.00cvss —epss 0.01
Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000.
- CVE-2024-9841Nov 8, 2024risk 0.00cvss —epss 0.00
A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited.
- CVE-2024-9419Oct 30, 2024risk 0.00cvss —epss 0.01
Client / Server PCs with the HP Smart Universal Printing Driver installed are potentially vulnerable to Remote Code Execution and/or Elevation of Privilege. A client using the HP Smart Universal Printing Driver that sends a print job comprised of a malicious XPS file could…
- CVE-2024-5532Oct 28, 2024risk 0.00cvss —epss 0.00
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Operations Agent. The XSS vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the…
- CVE-2024-5749Oct 15, 2024risk 0.00cvss —epss 0.01
Certain HP DesignJet products may be vulnerable to credential reflection which allow viewing SMTP server credentials.
- CVE-2024-9423Oct 2, 2024risk 0.00cvss —epss 0.01
Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a “JPEG Unsupported” message which may not clear, potentially blocking queued print jobs.
- CVE-2024-5760Sep 11, 2024risk 0.00cvss —epss 0.00
The Samsung Universal Print Driver for Windows is potentially vulnerable to escalation of privilege allowing the creation of a reverse shell in the tool. This is only applicable for products in the application released or manufactured before 2018.
- CVE-2024-4554Aug 28, 2024risk 0.00cvss —epss 0.00
Improper Input Validation vulnerability in OpenText NetIQ Access Manager leads to Cross-Site Scripting (XSS) attack. This issue affects Access Manager before 5.0.4.1 and 5.1.
- CVE-2024-4555Aug 28, 2024risk 0.00cvss —epss 0.00
Improper Privilege Management vulnerability in OpenText NetIQ Access Manager allows user account impersonation in specific scenario. This issue affects NetIQ Access Manager before 5.0.4.1 and before 5.1
- CVE-2024-4556Aug 28, 2024risk 0.00cvss —epss 0.00
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText NetIQ Access Manager allows access the sensitive information. This issue affects NetIQ Access Manager before 5.0.4 and before 5.1.
- CVE-2024-7720Aug 27, 2024risk 0.00cvss —epss 0.01
HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code vulnerability within the product's solution open-source libraries.
- CVE-2020-11847Aug 21, 2024risk 0.00cvss —epss 0.00
SSH authenticated user when access the PAM server can execute an OS command to gain the full system access using bash. This issue affects Privileged Access Manager before 3.7.0.1.
- CVE-2020-11846Aug 21, 2024risk 0.00cvss —epss 0.00
A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources. This issue affects Privileged Access Manager before 3.7.0.1.
- CVE-2020-11850Aug 21, 2024risk 0.00cvss —epss 0.00
Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6
- CVE-2024-41912Aug 7, 2024risk 0.00cvss —epss 0.01
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly implement access controls.
- CVE-2024-41911Aug 6, 2024risk 0.00cvss —epss 0.00
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The flaw does not properly neutralize input during a web page generation.
- CVE-2024-41910Aug 6, 2024risk 0.00cvss —epss 0.00
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware contained multiple XSS vulnerabilities in the version of JavaScript used.
- CVE-2024-41913Aug 6, 2024risk 0.00cvss —epss 0.01
A vulnerability was discovered in the firmware builds up to 10.10.2.2 in Poly Clariti Manager devices. The firmware flaw does not properly sanitize User input.
- CVE-2022-27540Jun 28, 2024risk 0.00cvss —epss 0.00
A potential Time-of-Check to Time-of Use (TOCTOU) vulnerability has been identified in the HP BIOS for certain HP PC products, which might allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential…
- CVE-2022-37020Jun 10, 2024risk 0.00cvss —epss 0.00
Potential vulnerabilities have been identified in the system BIOS for certain HP PC products, which might allow escalation of privileges and code execution. HP is releasing firmware updates to mitigate the potential vulnerabilities.
- CVE-2024-2301May 23, 2024risk 0.00cvss —epss 0.00
Certain HP LaserJet Pro devices are potentially vulnerable to a Cross-Site Scripting (XSS) attack via the web management interface of the device.
- CVE-2023-52805May 21, 2024risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diAlloc Currently there is not check against the agno of the iag while allocating new inodes to avoid fragmentation problem. Added the check which is required.
- CVE-2024-28893May 1, 2024risk 0.00cvss —epss 0.00
Certain HP software packages (SoftPaqs) are potentially vulnerable to arbitrary code execution when the SoftPaq configuration file has been modified after extraction. HP has released updated software packages (SoftPaqs).
- CVE-2023-4063Mar 22, 2024risk 0.00cvss —epss 0.01
Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when using an improper eSCL URL GET request.
- CVE-2020-11862Mar 13, 2024risk 0.00cvss —epss 0.01
Allocation of Resources Without Limits or Throttling vulnerability in OpenText NetIQ Privileged Account Manager on Linux, Windows, 64 bit allows Flooding.This issue affects NetIQ Privileged Account Manager: before 3.7.0.2.
- CVE-2023-52601Mar 6, 2024risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in dbAdjTree Currently there is a bound check missing in the dbAdjTree while accessing the dmt_stree. To add the required check added the bool is_ctl which is required to…
- CVE-2023-52599Mar 6, 2024risk 0.00cvss —epss 0.00
In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in diNewExt [Syz report] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_imap.c:2360:2 index -878706688 is out of range for type 'struct iagctl[128]' CPU: 1 PID: 5065 Comm:…
- CVE-2024-1869Mar 1, 2024risk 0.00cvss —epss 0.02
Certain HP DesignJet print products are potentially vulnerable to information disclosure related to accessing memory out-of-bounds when using the general-purpose gateway (GGW) over port 9220.
- CVE-2024-0407Feb 20, 2024risk 0.00cvss —epss 0.00
Certain HP Enterprise LaserJet, and HP LaserJet Managed Printers are potentially vulnerable to information disclosure, when connections made by the device back to services enabled by some solutions may have been trusted without the appropriate CA certificate in the device's…
- CVE-2024-1470Feb 20, 2024risk 0.00cvss —epss 0.00
Authorization Bypass Through User-Controlled Key vulnerability in NetIQ (OpenText) Client Login Extension on Windows allows Privilege Escalation, Code Injection.This issue only affects NetIQ Client Login Extension: 4.6.
- CVE-2024-25123Feb 15, 2024risk 0.00cvss —epss 0.00
MSS (Mission Support System) is an open source package designed for planning atmospheric research flights. In file: `index.py`, there is a method that is vulnerable to path manipulation attack. By modifying file paths, an attacker can acquire sensitive information from different…
- CVE-2024-0622Feb 15, 2024risk 0.00cvss —epss 0.00
Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. The vulnerability could allow local privilege escalation.
- CVE-2022-48219Feb 14, 2024risk 0.00cvss —epss 0.00
Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP TamperLock feature, which might allow intrusion detection bypass via a physical attack. HP is releasing firmware and guidance to mitigate these potential vulnerabilities.
- CVE-2015-8317Dec 15, 2015risk 0.00cvss —epss 0.06
The xmlParseXMLDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive information via an (1) unterminated encoding value or (2) incomplete XML declaration in XML data, which triggers an out-of-bounds heap read.
- CVE-2015-8242Dec 15, 2015risk 0.00cvss —epss 0.04
The xmlSAX2TextNode function in SAX2.c in the push interface in the HTML parser in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (stack-based buffer over-read and application crash) or obtain sensitive information via crafted XML data.
- CVE-2015-7500Dec 15, 2015risk 0.00cvss —epss 0.06
The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags.
Page 28 of 46