zohocorp

559 tracked vulnerabilities.

CVE-2019-11361 HIGH
Zoho ManageEngine Remote Access Plus <10.0.258 - Privilege Escalation
Mar 19, 2020
CVSS 8.8
EPSS 0.00
CVE-2019-19799 MEDIUM
ManageEngine Applications Manager < 14600 - Unauthenticated Information Disclosure via WieldFeedServlet
Mar 13, 2020
CVSS 5.3
EPSS 0.07
CVE-2019-20474 MEDIUM
Zoho ManageEngine Remote Access Plus 10.0.447 - Server-Side Request Forgery via Mail-Server Configuration Test
Feb 17, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-19800 MEDIUM
Zoho ManageEngine Applications Manager 14 < 14520 - Unauthenticated OS File Name Disclosure via FailOverHelperServlet
Feb 06, 2020
CVSS 5.3
EPSS 0.09
CVE-2019-19475 HIGH
ManageEngine Applications Manager 14- Build 14360 - Privilege Escal...
Jan 10, 2020
CVSS 8.8
EPSS 0.00
CVE-2019-7162 CRITICAL
Zoho ManageEngine ADSelfService Plus <5.6 - Info Disclosure
Dec 31, 2019
CVSS 9.1
EPSS 0.08
CVE-2019-18781 MEDIUM
Zoho ManageEngine ADSelfService Plus <5.5809 - Open Redirect
Dec 18, 2019
CVSS 6.1
EPSS 0.00
CVE-2019-19774 HIGH
Zoho ManageEngine EventLog Analyzer <10.0 SP1 Build 12110 - Information Disclosure
Dec 13, 2019
CVSS 8.8
EPSS 0.09
CVE-2019-19650 HIGH
Zoho ManageEngine Applications Manager <13640 - SQL Injection
Dec 11, 2019
CVSS 8.8
EPSS 0.07
CVE-2019-19649 CRITICAL
Zoho ManageEngine Applications Manager <13620 - SQL Injection
Dec 11, 2019
CVSS 9.8
EPSS 0.50
CVE-2019-17421 HIGH
Zoho ManageEngine OpManager and Firewall Analyzer 12.4.072 - Privilege Escalation via Nipper Executable Overwrite
Nov 21, 2019
CVSS 7.8
EPSS 0.00
CVE-2019-18411 HIGH
ManageEngine ADSelfService Plus 5.x-5803 - Cross-Site Request Forgery on Profile Information Page
Nov 06, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-17602 CRITICAL
ManageEngine OpManager < 12.4 - SQL Injection via OPMDeviceDetailsServlet
Oct 15, 2019
CVSS 9.8
EPSS 0.48
CVE-2019-17112 MEDIUM
Zoho ManageEngine DataSecurity Plus <5.0.1 5012 - Info Disclosure
Oct 09, 2019
CVSS 4.3
EPSS 0.01
CVE-2019-15045 MEDIUM
Zoho ManageEngine ServiceDesk Plus 10-10509 - User Enumeration via AjaxDomainServlet
Aug 21, 2019
CVSS 5.3
EPSS 0.02
CVE-2019-15106 CRITICAL
ManageEngine OpManager < 12.4.034 - Unauthenticated Remote Command Execution via Default Credential Bypass
Aug 16, 2019
CVSS 9.8
EPSS 0.37
CVE-2019-15105 HIGH
ManageEngine Applications Manager < 14.2 - SQL Injection via NewThresholdConfiguration.jsp resourceid Parameter
Aug 16, 2019
CVSS 8.8
EPSS 0.03
CVE-2019-15104 HIGH
ManageEngine Applications Manager 12.0-13.9 - SQL Injection via NewThresholdConfiguration.jsp resourceid Parameter
Aug 16, 2019
CVSS 8.8
EPSS 0.03
CVE-2019-15046 HIGH
ManageEngine ServiceDesk Plus 10-10509 - Unauthenticated Sensitive Information Leakage via Fail Over Service Replication
Aug 14, 2019
CVSS 7.5
EPSS 0.05
CVE-2019-14693 HIGH
Zoho ManageEngine AssetExplorer <6.2.0 - XXE
Aug 08, 2019
CVSS 8.5
EPSS 0.01
CVE-2019-12994 CRITICAL
ManageEngine AssetExplorer 6.2.0 - Server-Side Request Forgery via AJaxServlet Parameter
Aug 08, 2019
CVSS 9.1
EPSS 0.02
CVE-2019-12959 HIGH
ManageEngine AssetExplorer < 6.2.0 - Server-Side Request Forgery via ClientUtilServlet URL Parameter
Aug 08, 2019
CVSS 8.8
EPSS 0.00
CVE-2019-12876 HIGH
Zoho ManageEngine ADManager Plus, ADSelfService Plus, and DesktopCentral - Privilege Escalation via Insecure Permissions
Jul 17, 2019
CVSS 7.3
EPSS 0.00
CVE-2019-12597 MEDIUM
ManageEngine AssetExplorer - Stored Cross-Site Scripting via ResourcesAttachments.jsp pageName Parameter
Jul 11, 2019
CVSS 6.1
EPSS 0.02
CVE-2019-12596 MEDIUM
ManageEngine AssetExplorer - Stored Cross-Site Scripting via SoftwareListView.do swType or swComplianceType Parameter
Jul 11, 2019
CVSS 6.1
EPSS 0.02
Products
manageengine_applications_manager 56 manageengine_opmanager 56 manageengine_admanager_plus 53 manageengine_adaudit_plus 52 manageengine_adselfservice_plus 51 manageengine_servicedesk_plus 50 manageengine_desktop_central 48 manageengine_supportcenter_plus 31 manageengine_exchange_reporter_plus 28 manageengine_netflow_analyzer 28 manageengine_assetexplorer 26 manageengine_servicedesk_plus_msp 26 manageengine_password_manager_pro 22 manageengine_eventlog_analyzer 19 manageengine_network_configuration_manager 14 manageengine_pam360 14 manageengine_remote_access_plus 14 manageengine_firewall_analyzer 12 manageengine_access_manager_plus 11 manageengine_it360 9 manageengine_log360 9 ManageEngine Exchange Reporter Plus 8 manageengine_endpoint_central 8 manageengine_oputils 8 manageengine_analytics_plus 7 manageengine_datasecurity_plus 6 manageengine_opmanager_msp 6 manageengine_opmanager_plus 6 manageengine_cloud_security_plus 5 manageengine_key_manager_plus 5
Quick Filters
Critical CVEs With Exploits In CISA KEV