Search
Search Results (149 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-11846 | 2 Microfocus, Opentext | 2 Netiq Privileged Access Manager, Privileged Access Manager | 2024-08-23 | 8.7 High |
| A vulnerability found in OpenText Privileged Access Manager that issues a token. on successful issuance of the token, a cookie gets set that allows unrestricted access to all the application resources. This issue affects Privileged Access Manager before 3.7.0.1. | ||||
| CVE-2020-11850 | 2 Microfocus, Opentext | 2 Netiq Self Service Password Reset, Self Service Password Reset | 2024-08-23 | 7.3 High |
| Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Cross-Site Scripting (XSS). This issue affects Self Service Password Reset before 4.5.0.2 and 4.4.0.6 | ||||
| CVE-2024-4187 | 1 Opentext | 1 Filr | 2024-08-15 | 5.4 Medium |
| Stored XSS vulnerability has been discovered in OpenText™ Filr product, affecting versions 24.1.1 and 24.2. The vulnerability could cause users to not be warned when clicking links to external sites. | ||||
| CVE-2023-7249 | 1 Opentext | 1 Directory Services | 2024-08-13 | 9.8 Critical |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in OpenText OpenText Directory Services allows Path Traversal.This issue affects OpenText Directory Services: from 16.4.2 before 24.1. | ||||
| CVE-2024-6361 | 1 Opentext | 1 Alm Octane | 2024-08-06 | N/A |
| Improper Neutralization vulnerability (XSS) has been discovered in OpenText™ ALM Octane. The vulnerability affects all version prior to version 23.4. The vulnerability could cause remote code execution attack. | ||||
| CVE-2013-6994 | 1 Opentext | 1 Exceed Ondemand | 2024-08-06 | N/A |
| OpenText Exceed OnDemand (EoD) 8 transmits the session ID in cleartext, which allows remote attackers to perform session fixation attacks by sniffing the network. | ||||
| CVE-2013-6807 | 1 Opentext | 1 Exceed Ondemand | 2024-08-06 | N/A |
| The client in OpenText Exceed OnDemand (EoD) 8 supports anonymous ciphers by default, which allows man-in-the-middle attackers to bypass server certificate validation, redirect a connection, and obtain sensitive information via crafted responses. | ||||
| CVE-2013-6806 | 1 Opentext | 1 Exceed Ondemand | 2024-08-06 | N/A |
| OpenText Exceed OnDemand (EoD) 8 allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information via a crafted string in a response, which triggers a downgrade to simple authentication that sends credentials in plaintext. | ||||
| CVE-2013-6805 | 1 Opentext | 1 Exceed Ondemand | 2024-08-06 | N/A |
| OpenText Exceed OnDemand (EoD) 8 uses weak encryption for passwords, which makes it easier for (1) remote attackers to discover credentials by sniffing the network or (2) local users to discover credentials by reading a .eod8 file. | ||||