CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

190 matches found

Zoho manageengine - Cross-Site Scripting

Zoho manageengine is vulnerable to reflected cross-site scripting. This impacts Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 via the...

6.1CVSS6AI score0.54113EPSS

Exploits3References4

IBM Security Bulletins•added 2026/04/18 2:39 a.m.•11 views

Security Bulletin: Multiple vulnerabilities in IBM Tivoli Network Configuration Manager IP Edition (ITNCM)

Summary Multiple vulnerabilities were addressed in ITNCM version 6.4.2 Fix Pack 24 6.4.2.24 Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname verification of the peer certificate, even...

9.8CVSS6.2AI score0.00089EPSS

Exploits1Affected Software1

RedhatCVE•added 2026/01/09 12:11 p.m.•6 views

CVE-2018-18980

An XML External Entity injection XXE vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the attacker can trigger the transmission of local files to an arbitrar...

7.5CVSS7.2AI score0.30508EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:36 a.m.•1 views

CVE-2021-41081

Zoho ManageEngine Network Configuration Manager before 125465 is vulnerable to SQL Injection in a configuration search...

9.8CVSS8AI score0.2736EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:49 a.m.•2 views

CVE-2022-37024

Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution...

8.8CVSS7.5AI score0.51233EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:29 a.m.•6 views

CVE-2023-29505

An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The WebSocket endpoint allows Cross-site WebSocket hijacking...

8.8CVSS6.9AI score0.00466EPSS

Exploits0References1

IBM Security Bulletins•added 2025/12/11 9:51 a.m.•8 views

Security Bulletin: Multiple vulnerabilities in IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager ( CVE-2025-53066, CVE-2025-53057).

Summary Multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 8, used by IBM Tivoli Network Configuration Manager IP Edition Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions...

7.5CVSS6.6AI score0.00068EPSS

Exploits0Affected Software1