Total
16 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-7692 | 1 Microfocus | 1 Edirectory | 2024-11-21 | 5.8 MEDIUM | 6.1 MEDIUM |
Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1. | |||||
CVE-2018-7686 | 1 Microfocus | 1 Edirectory | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage. | |||||
CVE-2018-17952 | 1 Microfocus | 1 Edirectory | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross site scripting vulnerability in eDirectory prior to 9.1 SP2 | |||||
CVE-2018-17950 | 1 Microfocus | 1 Edirectory | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2 | |||||
CVE-2017-9285 | 2 Microfocus, Netiq | 2 Edirectory, Edirectory | 2024-11-21 | 7.5 HIGH | 5.4 MEDIUM |
NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services. | |||||
CVE-2017-7429 | 2 Microfocus, Netiq | 2 Edirectory, Edirectory | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server. | |||||
CVE-2012-0432 | 1 Microfocus | 1 Edirectory | 2024-11-21 | 10.0 HIGH | N/A |
Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors. | |||||
CVE-2012-0430 | 1 Microfocus | 1 Edirectory | 2024-11-21 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote attackers to obtain an administrator cookie and bypass authorization checks via unknown vectors. | |||||
CVE-2012-0429 | 1 Microfocus | 1 Edirectory | 2024-11-21 | 4.0 MEDIUM | N/A |
dhost in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 on Windows allows remote authenticated users to cause a denial of service (daemon crash) via crafted characters in an HTTP request. | |||||
CVE-2012-0428 | 1 Microfocus | 1 Edirectory | 2024-11-21 | 4.3 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in NetIQ eDirectory 8.8.6.x before 8.8.6.7 and 8.8.7.x before 8.8.7.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
CVE-2021-22503 | 1 Microfocus | 1 Edirectory | 2024-09-19 | N/A | 6.1 MEDIUM |
Possible Improper Neutralization of Input During Web Page Generation Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.3.0000. | |||||
CVE-2021-22533 | 1 Microfocus | 1 Edirectory | 2024-09-19 | N/A | 9.1 CRITICAL |
Possible Insertion of Sensitive Information into Log File Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.4.0000. | |||||
CVE-2021-22532 | 1 Microfocus | 1 Edirectory | 2024-09-19 | N/A | 7.5 HIGH |
Possible NLDAP Denial of Service attack Vulnerability in eDirectory has been discovered in OpenText™ eDirectory before 9.2.4.0000. | |||||
CVE-2021-38133 | 1 Microfocus | 1 Edirectory | 2024-09-18 | N/A | 6.5 MEDIUM |
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. | |||||
CVE-2021-38132 | 1 Microfocus | 1 Edirectory | 2024-09-18 | N/A | 9.8 CRITICAL |
Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000. | |||||
CVE-2021-38131 | 1 Microfocus | 1 Edirectory | 2024-09-18 | N/A | 6.1 MEDIUM |
Possible Cross-Site Scripting (XSS) Vulnerability in eDirectory has been discovered in OpenText™ eDirectory 9.2.5.0000. |