Lucene search
K

5124 matches found

CNNVD
CNNVD
added 2024/11/27 12:0 a.m.4 views

ZOHO ManageEngine Analytics Plus 安全漏洞

ZOHO ManageEngine Analytics Plus is a self-service IT analytics solution from ZOHO. Get a better view of your IT data with rich visualizations and dashboards. A security vulnerability exists in ZOHO ManageEngine Analytics Plus prior to version 6100 that stems from vulnerability to an authenticate...

8.1CVSS6.3AI score0.01128EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/11/20 12:0 a.m.9 views

ManageEngine ADAudit Plus < Build 8123 SQLi (CVE-2024-49574)

The version of ManageEngine ADAudit Plus installed on the remote host is prior to build 8123. It is, therefore, affected by a SQL injection vulnerability in the reports module.. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version...

8.8CVSS5.9AI score0.0168EPSS
Exploits0References2
OSV
OSV
added 2024/11/18 8:15 a.m.5 views

CVE-2024-49574

Zohocorp ManageEngine ADAudit Plus versions below 8123 are vulnerable to SQL Injection in the reports module...

8.8CVSS5.8AI score0.0168EPSS
Exploits0References1
CVE
CVE
added 2024/11/18 7:55 a.m.54 views

CVE-2024-49574

Affected software: ManageEngine ADAudit Plus. Versions below build 8123 are vulnerable to a SQL injection flaw in the reports module. Root cause: improper handling of SQL queries in the reports component leading to injection. Impact: high confidentiality and integrity impact; partial availability...

8.8CVSS8.7AI score0.0168EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/11/18 12:0 a.m.3 views

ZOHO ManageEngine ADAudit Plus 安全漏洞

ZOHO ManageEngine ADAudit Plus is used by ZOHO USA, Inc. to simplify auditing, demonstrate compliance and detect threats. A security vulnerability exists in ZOHO ManageEngine ADAudit Plus prior to version 8123 that stems from the presence of a SQL injection vulnerability...

8.8CVSS7.5AI score0.0168EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/11/15 12:0 a.m.6 views

ManageEngine Endpoint Central < 11.3.2416.22 , 11.3.2428.x < 11.3.2428.10, 11.3.2435.x < 11.3.2435.1 Arbitrary File Deletion vulnerability

The version of ManageEngine Endpoint Central installed on the remote Windows host is either prior to 11.3.2416.22, 11.3.2428.10 or 11.3.2435.1. It is,therefore, affected by a Arbitrary File Deletion vulnerability. For more information, consult the vendor advisory. Note that Nessus has not tested...

7.8CVSS5.6AI score0.00316EPSS
Exploits0References2
OSV
OSV
added 2024/11/08 11:15 a.m.2 views

CVE-2024-10839

Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity XXE in the Management option...

8.1CVSS5.8AI score0.01458EPSS
Exploits0References1
NVD
NVD
added 2024/11/08 11:15 a.m.16 views

CVE-2024-10839

Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity XXE in the Management option...

8.5CVSS0.01458EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/08 10:58 a.m.25 views

CVE-2024-10839 XML External Entity

Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity XXE in the Management option...

8.5CVSS0.01458EPSS
Exploits0References1
CVE
CVE
added 2024/11/08 10:58 a.m.57 views

CVE-2024-10839

CVE-2024-10839 affects Zohocorp/ManageEngine SharePoint Manager Plus (versions 4503 and prior). The vulnerability is an authenticated XML External Entity (XXE) issue in the Management option. Impact is described as high confidentiality impact and partial availability impact per the NVD metrics. N...

8.5CVSS8.1AI score0.01458EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/11/08 10:58 a.m.13 views

CVE-2024-10839 XML External Entity

Zohocorp ManageEngine SharePoint Manager Plus versions 4503 and prior are vulnerable to authenticated XML External Entity XXE in the Management option...

8.5CVSS6.7AI score0.01458EPSS
Exploits0References1
OSV
OSV
added 2024/11/08 8:15 a.m.7 views

CVE-2024-24409

Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option...

8.8CVSS5.8AI score0.03941EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/11/08 8:1 a.m.20 views

CVE-2024-24409 Privilege Escalation

Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option...

8.8CVSS6.9AI score0.03941EPSS
Exploits1References1
CVE
CVE
added 2024/11/08 8:1 a.m.65 views

CVE-2024-24409

CVE-2024-24409 affects Zohocorp ManageEngine ADManager Plus versions 7203 and earlier, with a Privilege Escalation in the Modify Computers option. The issue enables elevation of privilege by manipulating computer object attributes (e.g., userAccountControl/msDS-AllowedToDelegateTo) when a technic...

8.8CVSS8.8AI score0.03941EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2024/11/07 10:15 a.m.6 views

CVE-2024-10203

Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines...

7.8CVSS5.8AI score0.00316EPSS
Exploits0References1
NVD
NVD
added 2024/11/07 10:15 a.m.14 views

CVE-2024-10203

Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines...

7.8CVSS0.00316EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/07 9:20 a.m.16 views

CVE-2024-10203 Agent Arbitrary File Deletion

Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines...

7CVSS6.8AI score0.00316EPSS
Exploits0References1
CVE
CVE
added 2024/11/07 9:20 a.m.60 views

CVE-2024-10203

CVE-2024-10203 affects Zohocorp/ManageEngine Endpoint Central. Vulnerable components are the Endpoint Central agent on Windows machines, with version ranges 11.3.2416.21 and below and 11.3.2428.9 and below. root cause is described as insecure privilege management that enables Arbitrary File Delet...

7.8CVSS6.8AI score0.00316EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/11/07 9:20 a.m.19 views

CVE-2024-10203 Agent Arbitrary File Deletion

Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below, 11.3.2428.9 and below are vulnerable to Arbitrary File Deletion in the agent installed machines...

7CVSS0.00316EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/11/07 12:0 a.m.15 views

ManageEngine ADAudit Plus < Build 7250 SQL Injection

The version of ManageEngine ADAudit Plus installed on the remote host is prior to 7.2, Build 7250. It is, therefore, affected by SQL injection vulnerability. - Zohocorp ManageEngine ADManager Plus versions 7241 and prior are vulnerable to SQL Injection in Archived Audit Report. CVE-2024-48878 Not...

8.8CVSS6AI score0.015EPSS
Exploits0References2
Rows per page
Query Builder