microfocus security advisories
6 threat alerts tracking vulnerabilities and security advisories that affect microfocus products.
Vulnios monitors microfocus CVE feeds, vendor advisories, CISA KEV listings, and exploit-prediction data continuously. Each alert below is enriched with severity, exploitation status, affected products, and a remediation path. Use this page to scan recent microfocus security news in one place, or click into an individual alert for full detail.
Critical Vulnerability: CVE-2016-9176 — microfocus — rumba
Stack buffer overflow in the send.exe and receive.exe components of Micro Focus Rumba 9.4 and earlier could be used by local attackers or attackers able to inject arguments to these binaries to execut
criticalCVE-2016-9176Critical Vulnerability: CVE-2016-5228 — microfocus — rumba
Stack-based buffer overflow in the PlayMacro function in ObjectXMacro.ObjectXMacro in WdMacCtl.ocx in Micro Focus Rumba 9.x before 9.3 HF 11997 and 9.4.x before 9.4 HF 12815 allows remote attackers to
criticalCVE-2016-5228Critical Vulnerability: CVE-2016-1606 — microfocus — rumba
Multiple stack-based buffer overflows in COM objects in Micro Focus Rumba 9.4.x before 9.4 HF 13960 allow remote attackers to execute arbitrary code via (1) the NetworkName property value to ObjectXSN
criticalCVE-2016-1606Critical Vulnerability: CVE-2017-9283 — microfocus — visibroker
An out-of-bounds read (CWE-125) vulnerability exists in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerability for further attacks was not assessed.
criticalCVE-2017-9283Critical Vulnerability: CVE-2017-9282 — microfocus — visibroker
An integer overflow (CWE-190) led to an out-of-bounds write (CWE-787) on a heap-allocated area, leading to heap corruption in Micro Focus VisiBroker 8.5. The feasibility of leveraging this vulnerabili
criticalCVE-2017-9282Critical Vulnerability: CVE-2017-7420 — microfocus — enterprise_developer, enterprise_server
An Authentication Bypass (CWE-287) vulnerability in ESMAC (aka Enterprise Server Monitor and Control) in Micro Focus Enterprise Developer and Enterprise Server 2.3 and earlier, 2.3 Update 1 before Hot
criticalCVE-2017-7420
Track microfocus exposure across your environment
Vulnios automatically cross-references your asset inventory against new microfocus CVEs and surfaces only what affects you. No more sifting manually — actionable findings only.
Start a free scan