Search Results (160 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-11878 1 Opentext 1 Access Manager 2026-06-24 N/A
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText Access Manager allows Cross-Site Scripting (XSS). This issue affects Access Manager: from 5.1 through 5.1.2.
CVE-2026-11877 1 Opentext 1 Access Manager 2026-06-24 N/A
An unauthorized user can modify configuration through API calls that affects the OpenText Access Manager. This issue affects Access Manager before 5.1.3.
CVE-2025-15610 1 Opentext 1 Rightfax 2026-04-30 N/A
The .NET Remoting framework used by OpenText Fax (RightFax) includes known security vulnerabilities that could be exploited if the service is exposed in environments where the remoting ports are accessible.
CVE-2008-0769 1 Opentext 1 Livelink Ecm 2026-04-23 N/A
Cross-site scripting (XSS) vulnerability in Livelink ECM 9.0.0 through 9.7.0 and possibly earlier does not set the charset, which allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input.
CVE-2026-1658 1 Opentext 1 Directory Services 2026-04-17 5.3 Medium
User Interface (UI) Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning.  The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText application, potentially misleading users. This issue affects Directory Services: from 20.4.1 through 25.2.
CVE-2025-12453 1 Opentext 1 Vertica 2026-04-17 6.1 Medium
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS.  The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X, from 25.1.0 through 25.1.X, from 25.2.0 through 25.2.X, from 25.3.0 through 25.3.X.
CVE-2025-12454 1 Opentext 1 Vertica 2026-04-17 6.1 Medium
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS.  The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X, from 25.1.0 through 25.1.X.
CVE-2025-12455 1 Opentext 1 Vertica 2026-04-17 7.5 High
Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing.   The vulnerability could lead to Password Brute Forcing in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X.
CVE-2026-3266 1 Opentext 1 Filr 2026-04-16 9.8 Critical
Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerability could allow unauthenticated users to get XSRF token and do RPC with carefully crafted programs. This issue affects Filr: through 25.1.2.
CVE-2004-2496 1 Opentext 1 Opentext Firstclass 2026-04-16 N/A
The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote attackers to cause a denial of service (service availability loss) via a large number of POST requests to /Search.
CVE-2004-0037 1 Opentext 1 Opentext Firstclass Desktop Client 2026-04-16 N/A
FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages.
CVE-2025-5808 1 Opentext 1 Self Service Password Reset 2026-04-15 N/A
Improper Input Validation vulnerability in OpenText Self Service Password Reset allows Authentication Bypass.This issue affects Self Service Password Reset from before 4.8 patch 3.
CVE-2024-7050 1 Opentext 1 Directory Services 2026-04-15 N/A
Improper Authentication vulnerability in OpenText OpenText Directory Services may allow Multi-factor Authentication Bypass in particular scenarios.This issue affects OpenText Directory Services: 24.2.
CVE-2024-1147 1 Opentext 1 Pvcs Version Manager 2026-04-15 9.8 Critical
Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and download of files.
CVE-2023-32264 1 Opentext 1 Documentum D2 2026-04-15 5.8 Medium
CWE-1385 vulnerability in OpenText Documentum D2 affecting versions16.5.1 to CE 23.2. The vulnerability could allow upload arbitrary code and execute it on the client's computer.
CVE-2024-9432 1 Opentext 1 Vertica 2026-04-15 N/A
Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data.   The vulnerability could read Vertica agent plaintext apikey.This issue affects Vertica versions: 23.X, 24.X, 25.X.
CVE-2024-7650 1 Opentext 1 Directory Services 2026-04-15 N/A
Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Directory Services allows Remote Code Inclusion. The vulnerability could allow access to the system via script injection.This issue affects Directory Services: 23.4.
CVE-2023-32266 1 Opentext 1 Alm Quality Center 2026-04-15 N/A
Untrusted Search Path vulnerability in OpenText™ Application Lifecycle Management (ALM),Quality Center allows Code Inclusion. The vulnerability allows a user to archive a malicious DLLs on the system prior to the installation.   This issue affects Application Lifecycle Management (ALM),Quality Center: 15.00, 15.01, 15.01 P1, 15.01 P2, 15.01 P3, 15.01 P4, 15.01 P5, 15.51, 15.51 P1, 15.51 P2, 15.51 P3, 16.00, 16.01 P1.
CVE-2025-8716 1 Opentext 1 Content Management 2026-04-15 N/A
In Content Management versions 20.4- 25.3 authenticated attackers may exploit a complex cache poisoning technique to download unprotected files from the server if the filenames are known.
CVE-2025-9120 1 Opentext 1 Carbonite Safe Server Backup 2026-04-15 N/A
Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection.  The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8.3.