EUVD-2022-29330

Malicious code in bioql PyPI...

CVE-2022-24447

An issue was discovered in Zoho ManageEngine Key Manager Plus before 6200. A service exposed by the application allows a user, with the level Operator, to access stored SSL certificates and associated key pairs during export...

CVE-2022-24446

An issue was discovered in Zoho ManageEngine Key Manager Plus 6.1.6. A user, with the level Operator, can see all SSH servers and user information even if no SSH server or user is associated to the operator...

CVE-2022-24447

An issue was discovered in Zoho ManageEngine Key Manager Plus before 6200. A service exposed by the application allows a user, with the level Operator, to access stored SSL certificates and associated key pairs during export...

ZOHO ManageEngine Key Manager Plus 安全漏洞

ZOHO ManageEngine Key Manager Plus is a WEB-based SSH secret key management solution from ZOHO that helps you harden, control, manage, monitor and audit SSH keys across the entire lifecycle of the keys. It provides administrators with the ability to visualize SSH management, helping them to...

PT-2022-16703 · Zoho · Zoho Manageengine Admanager Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine Key Manager Plus version 6.1.6 Description: An issue was discovered where a user with the level Operator can see all SSH servers and user information, even if no SSH server or user is associated with the operator...

CVE-2021-28382

Zoho ManageEngine Key Manager Plus (before 6001) exposes a Stored XSS vulnerability on the user-management page when importing malicious user details from Active Directory. Affects the product in versions prior to 6001. Remediation: upgrade to version 6001 or later per release notes.