Affected Products

Vendor / product matrix with CVE counts sourced from the CPE catalog.

Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
microfocus
1137021.9%CRITICAL

Related CVEs

37
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2026-2123A security audit identified a privilege escalation vulnerability in Operations Agent(<=OA 12.29) on Windows. Under specific conditions Operations Agent may run executables from specific writeable locations.Thanks to Manuel Rickli & Philippe Leiser of Oneconsult AG for reporting this vulnerabilityHIGH8.61.1%Mar 31, 2026
CVE-2023-24467Possible Command Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0000.CRITICAL9.860.8%Nov 22, 2024
CVE-2023-24466Possible XML External Entity Injection in iManager GET parameter has been discovered in OpenText™ iManager 3.2.6.0200.CRITICAL9.840.6%Nov 22, 2024
CVE-2022-26324Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.6.0000.MEDIUM5.419.5%Nov 22, 2024
CVE-2021-38135Possible External Service Interaction attack in iManager has been discovered in OpenText™ iManager 3.2.6.0000.CRITICAL9.835.4%Nov 22, 2024
CVE-2021-38134Possible XSS in iManager URL for access Component has been discovered in OpenText™ iManager 3.2.5.0000.MEDIUM6.120.0%Nov 22, 2024
CVE-2021-38119Possible Reflected Cross-Site Scripting (XSS) Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.MEDIUM6.121.7%Nov 22, 2024
CVE-2021-38118Possible improper input validation Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.HIGH7.811.2%Nov 22, 2024
CVE-2021-38117Possible Command injection Vulnerability in iManager has been discovered in OpenText™ iManager 3.2.4.0000.CRITICAL9.861.8%Nov 22, 2024
CVE-2021-38116Possible Elevation of Privilege Vulnerability in iManager has been discovered in OpenText™ iManager. This impacts all versions before 3.2.5HIGH8.844.3%Nov 22, 2024
CVE-2024-9841A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in OpenText ArcSight Management Center and ArcSight Platform. The vulnerability could be remotely exploited.HIGH7.014.0%Nov 8, 2024
CVE-2020-11859Improper Input Validation vulnerability in OpenText iManager allows Cross-Site Scripting (XSS). This issue affects iManager before 3.2.3MEDIUM5.424.7%Nov 6, 2024
CVE-2024-5532Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Operations Agent.  The XSS vulnerability could allow an attacker with local admin permissions to manipulate the content of the internal status page of the Agent on the local system. This issue affects Operations Agent: 12.20, 12.21, 12.22, 12.23, 12.24, 12.25, 12.26.LOW1.87.9%Oct 28, 2024
CVE-2024-4692Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - Service Virtualization config has been discovered in in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate Service Virtualization server names. This issue affects OpenText Application Automation Tools: 24.1.0 and below.LOW1.818.6%Oct 16, 2024
CVE-2024-4690Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.MEDIUM5.129.4%Oct 16, 2024
CVE-2024-4211Improper Validation of Specified Quantity in Input vulnerability in OpenText OpenText Application Automation Tools allows Exploiting Incorrectly Configured Access Control Security Levels. Multiple missing permission checks - ALM job config has been discovered in OpenText Application Automation Tools. The vulnerability could allow users with Overall/Read permission to enumerate ALM server names, usernames and client IDs configured to be used with ALM servers. This issue affects OpenText Application Automation Tools: 24.1.0 and below.LOW1.818.6%Oct 16, 2024
CVE-2024-4189Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.MEDIUM5.935.3%Oct 16, 2024
CVE-2024-4184Improper Restriction of XML External Entity Reference vulnerability in OpenText Application Automation Tools allows DTD Injection.This issue affects OpenText Application Automation Tools: 24.1.0 and below.MEDIUM5.935.3%Oct 16, 2024
CVE-2024-6360Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey. This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X.MEDIUM6.922.6%Oct 2, 2024
CVE-2021-38133Possible External Service Interaction attack in eDirectory has been discovered in OpenText™ eDirectory. This impact all version before 9.2.6.0000.MEDIUM6.524.4%Sep 12, 2024