CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2019-11666
https://notcve.org/view.php?id=CVE-2019-11666
Insecure deserialization of untrusted data in Micro Focus Service Manager product versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. The vulnerability could be exploited to allow insecure deserialization of untrusted data. Deserialización no segura de datos no confiables en el producto Micro Focus Service Manager en las versiones 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. La vulnerabilidad podría ser explotada para permitir la deserialización no segura de datos no confiables. • https://softwaresupport.softwaregrp.com/doc/KM03518316 • CWE-502: Deserialization of Untrusted Data •
CVSS: 7.5EPSS: 0%CPEs: 28EXPL: 0CVE-2019-11668
https://notcve.org/view.php?id=CVE-2019-11668
HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Server, versions 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. And Micro Focus Service Manager Chat Service 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Una cookie HTTP en el administrador de Micro Focus Service, versiones 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. Y Micro Focus Service Manager Chat Server, versiones 9.41, 9.50, 9.51, 9.52, 9.60, 9.61, 9.62. • https://softwaresupport.softwaregrp.com/doc/KM03517335 •
CVSS: 9.0EPSS: 0%CPEs: 13EXPL: 0CVE-2019-11646
https://notcve.org/view.php?id=CVE-2019-11646
Remote unauthorized command execution and unauthorized disclosure of information in Micro Focus Service Manager, versions 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. This vulnerability could allow Remote unauthorized command execution and unauthorized disclosure of information. Ejecución remota de comandos no autorizados y divulgación no autorizada de información en Micro Focus Service Manager, versiones 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, 9.52, 9.60, 9.61. Esta vulnerabilidad podría permitir la ejecución remota de comandos no autorizados y la divulgación no autorizada de información. • https://softwaresupport.softwaregrp.com/doc/KM03452977 •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-18591 – MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data
https://notcve.org/view.php?id=CVE-2018-18591
A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data. Se ha identificado una potencial divulgación de datos en Micro Focus Service Manager en versiones 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50 y 9.51. La vulnerabilidad podría ser explotada para divulgar datos de forma no autorizada. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-6494 – MFSBGN03807 rev.1 - HP Service Manager Software, Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2018-6494
Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data. Vulnerabilidad de inyección SQL en Dolibarr en versiones anteriores a la 7.0.2 permite que atacantes remotos ejecuten comandos SQL arbitrarios mediante el parámetro sortfield en /accountancy/admin/accountmodel.php, /accountancy/admin/categories_list.php, /accountancy/admin/journals_list.php, /admin/dict.php, /admin/mails_templates.php o /admin/website.php. • http://www.securityfocus.com/bid/104141 http://www.securitytracker.com/id/1040902 https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158656 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •