Filtered by vendor Opentext
Subscriptions
Total
158 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-15610 | 1 Opentext | 1 Rightfax | 2026-04-30 | N/A |
| The .NET Remoting framework used by OpenText Fax (RightFax) includes known security vulnerabilities that could be exploited if the service is exposed in environments where the remoting ports are accessible. | ||||
| CVE-2008-0769 | 1 Opentext | 1 Livelink Ecm | 2026-04-23 | N/A |
| Cross-site scripting (XSS) vulnerability in Livelink ECM 9.0.0 through 9.7.0 and possibly earlier does not set the charset, which allows remote attackers to inject arbitrary web script or HTML via UTF-7 encoded input. | ||||
| CVE-2026-1658 | 1 Opentext | 1 Directory Services | 2026-04-17 | 5.3 Medium |
| User Interface (UI) Misrepresentation of Critical Information vulnerability in OpenText™ Directory Services allows Cache Poisoning. The vulnerability could be exploited by a bad actor to inject manipulated text into the OpenText application, potentially misleading users. This issue affects Directory Services: from 20.4.1 through 25.2. | ||||
| CVE-2025-12453 | 1 Opentext | 1 Vertica | 2026-04-17 | 6.1 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X, from 25.1.0 through 25.1.X, from 25.2.0 through 25.2.X, from 25.3.0 through 25.3.X. | ||||
| CVE-2025-12454 | 1 Opentext | 1 Vertica | 2026-04-17 | 6.1 Medium |
| Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in OpenText™ Vertica allows Reflected XSS. The vulnerability could lead to Reflected XSS attack of cross-site scripting in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X, from 25.1.0 through 25.1.X. | ||||
| CVE-2025-12455 | 1 Opentext | 1 Vertica | 2026-04-17 | 7.5 High |
| Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing. The vulnerability could lead to Password Brute Forcing in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X. | ||||
| CVE-2026-3266 | 1 Opentext | 1 Filr | 2026-04-16 | 9.8 Critical |
| Missing Authorization vulnerability in OpenText™ Filr allows Authentication Bypass. The vulnerability could allow unauthenticated users to get XSRF token and do RPC with carefully crafted programs. This issue affects Filr: through 25.1.2. | ||||
| CVE-2004-2496 | 1 Opentext | 1 Opentext Firstclass | 2026-04-16 | N/A |
| The HTTP daemon in OpenText FirstClass 7.1 and 8.0 allows remote attackers to cause a denial of service (service availability loss) via a large number of POST requests to /Search. | ||||
| CVE-2004-0037 | 1 Opentext | 1 Opentext Firstclass Desktop Client | 2026-04-16 | N/A |
| FirstClass Desktop Client 7.1 allows remote attackers to execute arbitrary commands via hyperlinks in FirstClass RTF messages. | ||||
| CVE-2024-7050 | 1 Opentext | 1 Directory Services | 2026-04-15 | N/A |
| Improper Authentication vulnerability in OpenText OpenText Directory Services may allow Multi-factor Authentication Bypass in particular scenarios.This issue affects OpenText Directory Services: 24.2. | ||||
| CVE-2025-8616 | 1 Opentext | 1 Advanced Authentication | 2026-04-15 | N/A |
| A weakness identified in OpenText Advanced Authentication where a Malicious browser plugin can record and replay the user authentication process to bypass Authentication. This issue affects Advanced Authentication on or before 6.5.0. | ||||
| CVE-2024-1147 | 1 Opentext | 1 Pvcs Version Manager | 2026-04-15 | 9.8 Critical |
| Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and download of files. | ||||
| CVE-2024-12862 | 1 Opentext | 1 Content Server | 2026-04-15 | N/A |
| Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.This issue affects Content Server: 20.2-24.4. | ||||
| CVE-2024-1148 | 1 Opentext | 1 Pvcs Version Manager | 2026-04-15 | 9.8 Critical |
| Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and uploading of files. | ||||
| CVE-2025-8997 | 1 Opentext | 1 Enterprise Security Manager | 2026-04-15 | N/A |
| An Information Exposure vulnerability has been identified in OpenText Enterprise Security Manager. The vulnerability could be remotely exploited. | ||||
| CVE-2024-9432 | 1 Opentext | 1 Vertica | 2026-04-15 | N/A |
| Cleartext Storage of Sensitive Information vulnerability in OpenText™ Vertica allows Retrieve Embedded Sensitive Data. The vulnerability could read Vertica agent plaintext apikey.This issue affects Vertica versions: 23.X, 24.X, 25.X. | ||||
| CVE-2025-3478 | 1 Opentext | 1 Enterprise Security Manager | 2026-04-15 | N/A |
| A Stored Cross-Site Scripting (XSS) vulnerability has been identified in OpenText Enterprise Security Manager. The vulnerability could be remotely exploited. | ||||
| CVE-2025-15579 | 1 Opentext | 1 Directory Services | 2026-04-15 | N/A |
| Deserialization of Untrusted Data vulnerability in OpenText™ Directory Services allows Object Injection. The vulnerability could lead to remote code execution, denial of service, or privilege escalation. This issue affects Directory Services: before 24.4.16, from 25.1 before 25.1.9, from 25.2 before 25.2.9, from 25.3 before 25.3.8, from 25.4 before 25.4.5, from 26.1 before 26.1.2. | ||||
| CVE-2025-11884 | 1 Opentext | 1 Ucmdb | 2026-04-15 | N/A |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in opentext uCMDB allows Stored XSS. The vulnerability could allow an attacker has high level access to UCMDB to create or update data with malicious scripts This issue affects uCMDB: 24.4. | ||||
| CVE-2025-9120 | 1 Opentext | 1 Carbonite Safe Server Backup | 2026-04-15 | N/A |
| Improper Control of Generation of Code ('Code Injection') vulnerability in OpenText™ Carbonite Safe Server Backup allows Code Injection. The vulnerability could be exploited through an open port, potentially allowing unauthorized access. This issue affects Carbonite Safe Server Backup: through 6.8.3. | ||||