CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2020-25839
https://notcve.org/view.php?id=CVE-2020-25839
NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. This vulnerability is fixed in NetIQ IdM 4.8 SP2 HF1. NetIQ Identity Manager versiones 4.8 anteriores a 4.8 SP2 HF1, está afectado por una vulnerabilidad de inyección. Esta vulnerabilidad es corregida en NetIQ IdM versión 4.8 SP2 HF1 • https://www.netiq.com/documentation/identity-manager-48/releasenotes_idm4821_apps/data/releasenotes_idm4821_apps.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25833
https://notcve.org/view.php?id=CVE-2020-25833
Persistent cross-Site Scripting vulnerability on Micro Focus IDOL product, affecting all version prior to version 12.7. The vulnerability could be exploited to perform Persistent XSS attack. Una vulnerabilidad de tipo cross-Site Scripting persistente en el producto Micro Focus IDOL, afectando a todas las versiones anteriores a 12.7. La vulnerabilidad podría ser explotada para llevar a cabo un ataque de tipo XSS persistente • https://softwaresupport.softwaregrp.com/doc/KM03763397 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-25832
https://notcve.org/view.php?id=CVE-2020-25832
Reflected Cross Site scripting vulnerability on Micro Focus Filr product, affecting version 4.2.1. The vulnerability could be exploited to perform Reflected XSS attack. Una vulnerabilidad de tipo Cross Site scripting reflejada en el producto Micro Focus Filr, afectando a la versión 4.2.1. La vulnerabilidad podría ser explotada para llevar a cabo un ataque de tipo XSS reflejado • https://softwaresupport.softwaregrp.com/doc/KM03763396 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 13%CPEs: 1EXPL: 1CVE-2020-11851
https://notcve.org/view.php?id=CVE-2020-11851
Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code. Una vulnerabilidad de ejecución de código arbitraria en el producto Micro Focus ArcSight Logger, afectando a todas las versiones anteriores a 7.1.1. La vulnerabilidad podría ser explotada remotamente resultando en una ejecución de código arbitraria • https://github.com/ch1nghz/CVE-2020-11851 https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11860
https://notcve.org/view.php?id=CVE-2020-11860
Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS) Una vulnerabilidad de tipo Cross-Site Scripting en el producto Micro Focus ArcSight Logger, que afecta a todas las versiones anteriores a 7.1.1. La vulnerabilidad podría ser explotada remotamente resultando en una vulnerabilidad de tipo Cross-Site Scripting (XSS) • https://community.microfocus.com/t5/Logger/Logger-Release-Notes-7-1-1/ta-p/2837600 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •