CVSS: 9.8EPSS: 3%CPEs: 8EXPL: 0CVE-2009-5153
https://notcve.org/view.php?id=CVE-2009-5153
In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM allowed remote unauthenticated attackers to execute code, because a length field was incorrectly trusted. En Novell NetWare en versiones anteriores a la 6.5 SP8, un desbordamiento de búfer basado en pila durante el procesamiento de llamadas CALLIT RPC en el demonio NFS Portmapper en PKERNEL.NLM permitía que atacantes remotos no autenticados ejecutasen código, debido a que se confió erróneamente en un campo de longitud. • https://bugzilla.suse.com/show_bug.cgi?id=515804 https://download.novell.com/Download?buildid=1z3z-OsVCiE~ https://www.zerodayinitiative.com/advisories/ZDI-09-067 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2018-17948
https://notcve.org/view.php?id=CVE-2018-17948
An open redirect vulnerability exists in the Access Manager Identity Provider prior to 4.4 SP3. Existe una vulnerabilidad de redirección abierta en Access Manager Identity Provider en versiones anteriores a la 4.4 SP3. • https://support.microfocus.com/kb/doc.php?id=7023530 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 6.1EPSS: 0%CPEs: 8EXPL: 0CVE-2018-12480 – NetIQ Access Manager XSS vulnerability in versions prior to 4.4 SP3
https://notcve.org/view.php?id=CVE-2018-12480
Mitigates an XSS issue in NetIQ Access Manager versions prior to 4.4 SP3. Mitiga un problema de Cross-Site Scripting (XSS) en NetIQ Access Manager en versiones anteriores a la 4.4 SP3. • https://support.microfocus.com/kb/doc.php?id=7023513 https://www.netiq.com/documentation/access-manager-44/accessmanager443-release-notes/data/accessmanager443-release-notes.html#b149i4n6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2018-18591 – MFSBGN03823 rev.1 - Micro Focus Service Manager, unauthorized disclosure of data
https://notcve.org/view.php?id=CVE-2018-18591
A potential unauthorized disclosure of data vulnerability has been identified in Micro Focus Service Manager versions: 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51. The vulnerability could be exploited to release unauthorized disclosure of data. Se ha identificado una potencial divulgación de datos en Micro Focus Service Manager en versiones 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50 y 9.51. La vulnerabilidad podría ser explotada para divulgar datos de forma no autorizada. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286176 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.6EPSS: 0%CPEs: 4EXPL: 0CVE-2018-18590 – MFSBGN03829 rev.1 - Micro Focus Operation Bridge Containerized Suite, Remote Code Execution
https://notcve.org/view.php?id=CVE-2018-18590
A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08. This vulnerability could allow for information disclosure. Existe una vulnerabilidad de ejecución remota de código y divulgación de información en Micro Focus Operations Bridge, en la suite "containerized", en versiones 2017.11, 2018.02, 2018.05 y 2018.08. Esta vulnerabilidad podría permitir la divulgación de información. • https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03283416 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •