zohocorp

561 tracked vulnerabilities.

CVE-2021-40172 HIGH
ManageEngine Log360 < 5.1 - Cross-Site Request Forgery in Proxy Settings
Aug 29, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-33256 HIGH
ManageEngine ADSelfService Plus <6.1.6101 - CSV Injection
Aug 09, 2021
CVSS 8.8
EPSS 0.79
CVE-2021-33617 MEDIUM
Zoho ManageEngine Password Manager Pro <11.2.11200 - Info Disclosure
Jul 31, 2021
CVSS 5.3
EPSS 0.02
CVE-2021-20110 CRITICAL
ManageEngine Asset Explorer Agent 1.0.34 - Remote Code Execution via Integer Overflow in HTTP Response Handling
Jul 19, 2021
CVSS 9.8
EPSS 0.07
CVE-2021-20109 HIGH
ManageEngine AssetExplorer - Heap Overflow via Unvalidated HTTPS Certificate
Jul 19, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-20108 HIGH
ManageEngine Asset Explorer Agent 1.0.34 - Denial of Service via Memory Leak in AEAgent.cpp
Jul 19, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-36772 MEDIUM
ManageEngine ADManager Plus < 7110 - Stored Cross-Site Scripting
Jul 17, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-36771 MEDIUM
ManageEngine ADManager Plus < 7110 - Reflected Cross-Site Scripting
Jul 17, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-33911 CRITICAL
Zoho ManageEngine ADManager Plus < 7110 - Remote Code Execution
Jul 17, 2021
CVSS 9.8
EPSS 0.05
CVE-2021-31874 MEDIUM
Zoho ManageEngine ADSelfService Plus <6104 - Info Disclosure
Jul 02, 2021
CVSS 5.9
EPSS 0.04
CVE-2021-31813 MEDIUM
Zoho ManageEngine Applications Manager < 15130 - Stored Cross-Site Scripting via AD User Import
Jul 01, 2021
CVSS 5.4
EPSS 0.78
CVE-2021-31531 CRITICAL
ManageEngine ServiceDesk Plus MSP < 10521 - Server-Side Request Forgery
Jun 29, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-31530 HIGH
ManageEngine ServiceDesk Plus MSP < 10522 - Information Disclosure
Jun 29, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-31160 HIGH
Zoho ManageEngine ServiceDesk Plus MSP <10521 - Info Disclosure
Jun 29, 2021
CVSS 7.5
EPSS 0.04
CVE-2021-28958 CRITICAL
ManageEngine ADSelfService Plus <= 6101 - Unauthenticated Remote Code Execution
Jun 25, 2021
CVSS 9.8
EPSS 0.73
CVE-2021-31857 MEDIUM
Zoho ManageEngine Password Manager Pro <11.1.11104 - Info Disclosure
Jun 16, 2021
CVSS 5.9
EPSS 0.03
CVE-2021-31159 MEDIUM
Zoho ManageEngine ServiceDesk Plus MSP <10519 - Info Disclosure
Jun 16, 2021
CVSS 5.3
EPSS 0.18
CVE-2021-20081 HIGH
ManageEngine ServiceDesk Plus <11205 - Command Injection
Jun 10, 2021
CVSS 7.2
EPSS 0.52
CVE-2021-28382 MEDIUM
Zoho ManageEngine Key Manager Plus <6.01 - XSS
Jun 07, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-27956 MEDIUM
Zoho ManageEngine ADSelfService Plus <6104 - XSS
May 20, 2021
CVSS 6.1
EPSS 0.02
CVE-2021-28959 CRITICAL
Zoho ManageEngine Eventlog Analyzer <= 12147 - Path Traversal & RCE via ZIP Entry
Apr 30, 2021
CVSS 9.8
EPSS 0.17
CVE-2021-3287 CRITICAL NUCLEI
ManageEngine OpManager SumPDU Java Deserialization
Apr 22, 2021
CVSS 9.8
EPSS 0.51
CVE-2021-20080 MEDIUM
ManageEngine ServiceDesk Plus < 11200 - Unauthenticated Stored Cross-Site Scripting via XML Asset Upload
Apr 09, 2021
CVSS 6.1
EPSS 0.93
CVE-2021-20078 CRITICAL
ManageEngine OpManager < 125346 - Remote Denial of Service via Spark Gateway Path Traversal
Apr 01, 2021
CVSS 9.1
EPSS 0.60
CVE-2021-27214 MEDIUM
ManageEngine ADSelfService Plus <= 6013 - Unauthenticated Server-Side Request Forgery via ProductConfig Servlet
Feb 19, 2021
CVSS 6.1
EPSS 0.02