34 matches found
CVE-2025-11248
ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token...
CVE-2025-11248
ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token...
CVE-2025-11248 Sensitive Information Logged
ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token...
CVE-2025-11248 Sensitive Information Logged
ZohoCorp ManageEngine Endpoint Central versions prior to 11.4.2528.05 are vulnerable to a sensitive information logging issue. An authenticated user with access to the logs could potentially obtain the sensitive agent token...
CVE-2025-7473
Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection...
CVE-2025-7473
Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection...
CVE-2025-7473
Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection...
CVE-2025-7473 XML Injection
Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection...
CVE-2025-7473 XML Injection
Zohocorp ManageEngine EndPoint Central versions 11.4.2516.1 and prior are vulnerable to XML Injection...
EUVD-2025-35163
ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletion vulnerability in the agent setup component...
CVE-2025-5496 Arbitrary File Deletion
ZohoCorp ManageEngine Endpoint Central versions earlier than 11.4.2508.14, 11.4.2516.06, and 11.4.2518.01 are affected by an arbitrary file deletion vulnerability in the agent setup component...
EUVD-2024-37653
Malicious code in bioql PyPI...
EUVD-2024-50425
Malicious code in bioql PyPI...
EUVD-2025-31092
Malicious code in bioql PyPI...
CVE-2025-5494
ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup. This issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13...
CVE-2025-5494 Privilege Escalation
ZohoCorp ManageEngine Endpoint Central was impacted by an improper privilege management issue in the agent setup. This issue affects Endpoint Central: through 11.4.2500.25, through 11.4.2508.13...
CVE-2025-5494
ZohoCorp ManageEngine Endpoint Central is affected by an improper privilege management flaw in the agent setup. The issue impacts Endpoint Central versions up to 11.4.2500.25 and up to 11.4.2508.13. Root cause: improper privilege handling during the agent installation process, enabling local priv...
ManageEngine Endpoint Central 11.3.2428.x <= 11.3.2428.01, 11.3.2440.x <= 11.3.2440.0 Insecure Direct Object References
The version of ManageEngine Endpoint Central installed on the remote Windows host is either prior to 11.3.2428.26 or prior to 11.3.2440.09. It is,therefore, affected by an insecure direct object references vulnerability. For more information, consult the vendor advisory. Note that Nessus has not...
CVE-2024-9097
ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat...
CVE-2024-9097
ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat...