Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

RedhatCVE
RedhatCVEadded 2025/05/22 10:10 p.m.7 views

CVE-2022-28219

Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution...

9.8CVSS9.6AI score0.94202EPSS
Exploits6References1
VulnCheck KEV
VulnCheck KEVadded 2023/11/13 12:0 a.m.0 views

VulnCheck KEV: CVE-2022-28219

Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution...

9.8CVSS7.3AI score0.94202EPSS
Exploits6References1
BDU FSTEC
BDU FSTECadded 2022/07/06 12:0 a.m.1 views

The vulnerability of the cewolf component of the Windows Active Directory (AD) management and reporting software Zoho ManageEngine ADAudit Plus allows attackers to perform XXE attacks.

The vulnerability of the cewolf component of the Windows Active Directory management and reporting software Zoho ManageEngine ADAudit Plus is related to an incorrect limitation on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to perform XXE attack...

10CVSS7.7AI score0.94202EPSS
Exploits6References6Affected Software1
OSV
OSVadded 2022/04/05 7:15 p.m.2 views

CVE-2022-28219

Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution...

9.8CVSS7.3AI score0.94202EPSS
Exploits6References5
ATTACKERKB
ATTACKERKBadded 2022/04/05 7:15 p.m.3 views

CVE-2022-28219

Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution. Rapid7 Analysis Overview On June 29, 2022, Horizon3 Attack Team posted a writeup of CVE-2022-28219, which is a Java deserialization issue in ManageEngine ADAudi...

9.8CVSS6.7AI score0.94202EPSS
Exploits6References8
Cvelist
Cvelistadded 2022/04/05 6:32 p.m.22 views

CVE-2022-28219

Cewolf in Zoho ManageEngine ADAudit Plus before 7060 is vulnerable to an unauthenticated XXE attack that leads to Remote Code Execution...

10AI score0.94202EPSS
Exploits6References5
Positive Technologies
Positive Technologiesadded 2022/04/05 12:0 a.m.3 views

PT-2022-3394 · Zoho · Zoho Manageengine Adaudit Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADAudit Plus versions prior to 7060 Description: The issue is related to the cewolf component in Zoho ManageEngine ADAudit Plus, which is vulnerable to an unauthenticated XXE attack due to incorrect restriction of XML extern...

10CVSS9.6AI score0.94202EPSS
Exploits6References30
Positive Technologies
Positive Technologiesadded 2020/03/06 12:0 a.m.4 views

PT-2020-2203

Name of the Vulnerable Software and Affected Versions Zoho ManageEngine Desktop Central versions prior to 10.0.474 Description The issue is related to the deserialization of untrusted data in the getChartImage method of the FileStorage class, which is associated with the CewolfServlet and...

10CVSS7.8AI score0.94248EPSS
Exploits6References23
securityvulns
securityvulnsadded 2011/02/26 12:0 a.m.72 views

Denial of Service vulnerability in Cewolf

Hello 3APA3A! I want to warn you about Denial of Service vulnerability in Cewolf - Chart Enabling Web Object Framework. This servlet is using as at individual sites, as in different CMS. Besides Cewolf itself, also those web applications are vulnerable which are using it, such as Megapolis.Portal...

1.6AI score
Exploits0
Rows per page
Query Builder