Filtered by vendor Microfocus
Subscribe
Total
267 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24468 | 1 Microfocus | 1 Netiq Advanced Authentication | 2025-05-16 | N/A | 9.8 CRITICAL |
| Broken access control in Advanced Authentication versions prior to 6.4.1.1 and 6.3.7.2 | |||||
| CVE-2022-38753 | 1 Microfocus | 1 Netiq Advanced Authentication | 2025-04-25 | N/A | 6.3 MEDIUM |
| This update resolves a multi-factor authentication bypass attack | |||||
| CVE-2022-38756 | 1 Microfocus | 1 Groupwise | 2025-04-18 | N/A | 4.3 MEDIUM |
| A vulnerability has been identified in Micro Focus GroupWise Web in versions prior to 18.4.2. The GW Web component makes a request to the Post Office Agent that contains sensitive information in the query parameters that could be logged by any intervening HTTP proxies. | |||||
| CVE-2023-24467 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 9.8 CRITICAL |
| Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000. | |||||
| CVE-2023-24466 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 9.8 CRITICAL |
| Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200. | |||||
| CVE-2021-38117 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 9.8 CRITICAL |
| Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. | |||||
| CVE-2022-26324 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 5.4 MEDIUM |
| Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000. | |||||
| CVE-2021-38116 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 8.8 HIGH |
| Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This impacts all versions before 3.2.5 | |||||
| CVE-2021-38119 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 6.1 MEDIUM |
| Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. | |||||
| CVE-2021-38134 | 1 Microfocus | 1 Imanager | 2025-04-10 | N/A | 6.1 MEDIUM |
| Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.5.0000. | |||||
| CVE-2021-22506 | 1 Microfocus | 1 Access Manager | 2025-03-12 | 5.0 MEDIUM | 7.5 HIGH |
| Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage. | |||||
| CVE-2021-22502 | 1 Microfocus | 1 Operation Bridge Reporter | 2025-03-12 | 10.0 HIGH | 9.8 CRITICAL |
| Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server. | |||||
| CVE-2021-38135 | 1 Microfocus | 1 Imanager | 2025-03-04 | N/A | 9.8 CRITICAL |
| Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000. | |||||
| CVE-2021-38118 | 1 Microfocus | 1 Imanager | 2025-03-04 | N/A | 7.8 HIGH |
| Possible improper input validation Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000. | |||||
| CVE-2024-0622 | 1 Microfocus | 1 Operations Agent | 2025-01-23 | N/A | 7.8 HIGH |
| Local privilege escalation vulnerability affects OpenText Operations Agent product versions 12.15 and 12.20-12.25 when installed on Non-Windows platforms. The vulnerability could allow local privilege escalation. | |||||
| CVE-2024-3486 | 1 Microfocus | 1 Imanager | 2025-01-21 | N/A | 9.8 CRITICAL |
| XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to information disclosure and remote code execution. | |||||
| CVE-2024-3488 | 1 Microfocus | 1 Imanager | 2025-01-21 | N/A | 9.8 CRITICAL |
| File Upload vulnerability in unauthenticated session found in OpenText™ iManager 3.2.6.0200. The vulnerability could allow ant attacker to upload a file without authentication. | |||||
| CVE-2024-3487 | 1 Microfocus | 1 Imanager | 2025-01-21 | N/A | 9.8 CRITICAL |
| Broken Authentication vulnerability discovered in OpenText™ iManager 3.2.6.0200. This vulnerability allows an attacker to manipulate certain parameters to bypass authentication. | |||||
| CVE-2024-3969 | 1 Microfocus | 1 Imanager | 2025-01-21 | N/A | 9.8 CRITICAL |
| XML External Entity injection vulnerability found in OpenText™ iManager 3.2.6.0200. This could lead to remote code execution by parsing untrusted XML payload | |||||
| CVE-2024-4429 | 1 Microfocus | 1 Imanager | 2025-01-21 | N/A | 7.4 HIGH |
| Cross-Site Request Forgery vulnerability has been discovered in OpenText™ iManager 3.2.6.0200. This could lead to sensitive information disclosure. | |||||