CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5119 matches found

Cvelist•added 2025/06/09 10:44 a.m.•14 views

CVE-2025-41437 Reflected XSS

Zohocorp ManageEngine OpManager, NetFlow Analyzer, Network Configuration Manager, Firewall Analyzer and OpUtils versions 128565 and below are vulnerable to Reflected XSS on the login page...

4.3CVSS0.00215EPSS

Exploits0References1

CVE•added 2025/06/09 10:44 a.m.•51 views

CVE-2025-41437

CVE-2025-41437 affects several ManageEngine products (OpManager, NetFlow Analyzer, Network Configuration Manager, Firewall Analyzer, and OpUtils). The vulnerability is a Reflected XSS on the login page caused by an issue in the login handling, affecting versions 128565 and below. Impact: credenti...

4.3CVSS6.2AI score0.00215EPSS

Exploits0References1

Cvelist•added 2025/06/09 10:29 a.m.•17 views

CVE-2025-3835 Remote Code Execution

Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module...

9.6CVSS0.01925EPSS

Exploits0References1

CVE•added 2025/06/09 10:29 a.m.•58 views

CVE-2025-3835

CVE-2025-3835 affects Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and earlier, with a Remote Code Execution vulnerability in the Content Search module. Public notes from multiple sources (NVD/Red Hat/Nessus entry) confirm the affected product and version range and describe RCE in t...

9.6CVSS7.8AI score0.01925EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/06/09 10:29 a.m.•4 views

CVE-2025-3835 Remote Code Execution

Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior are vulnerable to Remote code execution in the Content Search module...

9.6CVSS9.8AI score0.01925EPSS

Exploits0References1

CNNVD•added 2025/06/09 12:0 a.m.•2 views

ZOHO多款产品安全漏洞

ZOHO ManageEngine Netflow Analyzer and so on are products of ZOHO USA.ZOHO ManageEngine Netflow Analyzer is a set of Web-based bandwidth monitoring tools.ZOHO ManageEngine Firewall Analyzer is a ZOHO ManageEngine Firewall Analyzer is a set of Web-based firewall log analysis tools, ZOHO ManageEngi...

4.3CVSS6AI score0.00215EPSS

Exploits0References1

CNNVD•added 2025/06/09 12:0 a.m.•4 views

ZOHO ManageEngine Exchange Reporter Plus 安全漏洞

ZOHO ManageEngine Exchange Reporter Plus is a Web-based Exchange Server reporting software from ZOHO, Inc. A security vulnerability exists in ZOHO ManageEngine Exchange Reporter Plus 5721 and prior versions that originates from remote code execution in the Content Search module...

9.6CVSS7.9AI score0.01925EPSS

Exploits0References1

Positive Technologies•added 2025/05/29 12:0 a.m.•6 views

PT-2025-24419 · Zohocorp · Zoho Manageengine Exchange Reporter Plus

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine Exchange Reporter Plus versions 5721 and prior Description: The issue concerns remote code execution in the Content Search module. It is related to the CWE-434 Unrestricted Upload of File with Dangerous Type. Remote code...

10CVSS9.8AI score0.01925EPSS

Exploits0References9

BDU FSTEC•added 2025/05/27 12:0 a.m.•3 views

The vulnerability of the Service Account Audit Data component of the Windows Active Directory (AD) management and reporting software Zoho ManageEngine ADAudit Plus allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of the “Service Account Audit Data” component of the Windows Active Directory AD management and reporting software Zoho ManageEngine ADAudit Plus is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability can allow an attacker,...

8.7CVSS5.6AI score0.01356EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2025/05/25 11:2 a.m.•16 views

CVE-2025-41407

Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection in the OU History report...

8.3CVSS7.9AI score0.01199EPSS

Exploits0References1

RedhatCVE•added 2025/05/25 11:2 a.m.•14 views

CVE-2025-36527

Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection while exporting reports...

8.3CVSS7.9AI score0.20188EPSS

Exploits0References1

RedhatCVE•added 2025/05/24 11:18 a.m.•19 views

CVE-2025-41403

Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection while fetching service account audit data...

8.3CVSS7.8AI score0.01356EPSS

Exploits0References1

RedhatCVE•added 2025/05/24 11:18 a.m.•12 views

CVE-2025-3836

Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the logon events aggregate report...

8.3CVSS7.7AI score0.0459EPSS

Exploits0References1

RedhatCVE•added 2025/05/24 11:18 a.m.•19 views

CVE-2025-3444

Zohocorp ManageEngine ServiceDesk Plus MSP and SupportCenter Plus versions below 14920 are vulnerable to authenticated Local File Inclusion LFI in the Admin module, where help card content is loaded...

6.5CVSS6.7AI score0.01225EPSS

Exploits0References1