Content manager

This hub aggregates every CVE we track for Content manager, a product in the security products space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 10 most recently published vulnerabilities affecting Content manager.

• CVE-2024-1973Elevation of privileges vulnerability8.5Mar 25, 2024
• CVE-2021-2483Vulnerability in the Oracle Content Manager product of Oracle E-Business Suite (component: Content Item Manager). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerab...8.1Oct 20, 2021
• CVE-2019-3022Vulnerability in the Oracle Content Manager product of Oracle E-Business Suite (component: Content). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vul...5.8Oct 16, 2019
• CVE-2019-11658Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. This vulnerability when configured to use an Oracle database, allows valid system users to gain access to a limited s...4.3Aug 29, 2019
• CVE-2019-11653Remote Access Control Bypass in Micro Focus Content Manager. versions 9.1, 9.2, 9.3. The vulnerability could be exploited to manipulate data stored during another user’s CheckIn request.5.4Aug 7, 2019
• CVE-2019-3489An unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. ...7.5Apr 1, 2019
• CVE-2019-2445Vulnerability in the Oracle Content Manager component of Oracle E-Business Suite (subcomponent: Cover Letter). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2....8.2Jan 16, 2019
• CVE-2018-1502IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus al...5.4May 1, 2018
• CVE-2017-14360MFSBGN03791 rev.1 - HPE Content Manager Workgroup Service, Denial of Service (DoS)5.9Nov 8, 2017
• CVE-2015-4000The TLS protocol 1.2 and earlier, when a DHE_EXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHE_EXPORT choice, which allows man-in-the-middle attackers to...3.7May 21, 2015