Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-44525
Zoho ManageEngine PAM360 before build 5303 allows malicious users to modify a few aspects of application state because of a filter bypass in which authentication is not required.
Zohocorp Manageengine Pam360 5.3
Zohocorp Manageengine Pam360 5.2
Zohocorp Manageengine Pam360 5.1
Zohocorp Manageengine Pam360 5.0
Zohocorp Manageengine Pam360 4.5
Zohocorp Manageengine Pam360 4.1
Zohocorp Manageengine Pam360 4.0
9.8
CVSSv3
CVE-2021-44675
Zoho ManageEngine ServiceDesk Plus MSP prior to 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.
Zohocorp Manageengine Servicedesk Plus Msp 10.5
Zohocorp Manageengine Servicedesk Plus Msp
9.8
CVSSv3
CVE-2021-44676
Zoho ManageEngine Access Manager Plus prior to 4203 allows anyone to view a few data elements (e.g., access control details) and modify a few aspects of the application state.
Zohocorp Manageengine Access Manager Plus 4.2
Zohocorp Manageengine Access Manager Plus 4.1
9.8
CVSSv3
CVE-2021-44515
Zoho ManageEngine Desktop Central is vulnerable to authentication bypass, leading to remote code execution on the server, as exploited in the wild in December 2021. For Enterprise builds 10.1.2127.17 and previous versions, upgrade to 10.1.2127.18. For Enterprise builds 10.1.2128....
Zohocorp Manageengine Desktop Central
9.8
CVSSv3
CVE-2021-44514
OpUtils in Zoho ManageEngine OpManager 12.5 prior to 125490 mishandles authentication for a few audit directories.
Zohocorp Manageengine Opmanager 12.5
9.8
CVSSv3
CVE-2021-42099
Zoho ManageEngine M365 Manager Plus prior to 4421 is vulnerable to file-upload remote code execution.
Zohocorp Manageengine M365 Manager Plus -
Zohocorp Manageengine M365 Manager Plus Build 4419
Zohocorp Manageengine M365 Manager Plus Build 4418
Zohocorp Manageengine M365 Manager Plus Build 4417
Zohocorp Manageengine M365 Manager Plus Build 4416
Zohocorp Manageengine M365 Manager Plus Build 4415
Zohocorp Manageengine M365 Manager Plus Build 4414
Zohocorp Manageengine M365 Manager Plus Build 4413
Zohocorp Manageengine M365 Manager Plus Build 4412
Zohocorp Manageengine M365 Manager Plus Build 4411
Zohocorp Manageengine M365 Manager Plus Build 4410
Zohocorp Manageengine M365 Manager Plus Build 4408
Zohocorp Manageengine M365 Manager Plus Build 4407
Zohocorp Manageengine M365 Manager Plus Build 4406
Zohocorp Manageengine M365 Manager Plus Build 4403
Zohocorp Manageengine M365 Manager Plus Build 4402
Zohocorp Manageengine M365 Manager Plus Build 4401
Zohocorp Manageengine M365 Manager Plus Build 4400
Zohocorp Manageengine M365 Manager Plus Build 4336
Zohocorp Manageengine M365 Manager Plus Build 4335
Zohocorp Manageengine M365 Manager Plus Build 4334
Zohocorp Manageengine M365 Manager Plus Build 4333
9.8
CVSSv3
CVE-2021-43319
Zoho ManageEngine Network Configuration Manager prior to 125488 is vulnerable to command injection due to improper validation in the Ping functionality.
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager 12.3
Zohocorp Manageengine Network Configuration Manager 11.0
Zohocorp Manageengine Network Configuration Manager 12.0
Zohocorp Manageengine Network Configuration Manager 12.1
Zohocorp Manageengine Network Configuration Manager 12.2
Zohocorp Manageengine Network Configuration Manager 12.4
9.8
CVSSv3
CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus prior to 11306, ServiceDesk Plus MSP prior to 10530, and SupportCenter Plus prior to 11014 are vulnerable to unauthenticated remote code execution. This is related to /RestAPI URLs in a servlet, and ImportTechnicians in the Struts configuration.
Zohocorp Manageengine Servicedesk Plus 11.2
Zohocorp Manageengine Servicedesk Plus Msp 10.5
Zohocorp Manageengine Servicedesk Plus 11.3
Zohocorp Manageengine Servicedesk Plus 11.1
Zohocorp Manageengine Supportcenter Plus
Zohocorp Manageengine Servicedesk Plus Msp
Zohocorp Manageengine Supportcenter Plus 11.0
2 Github repositories
1 Article
9.8
CVSSv3
CVE-2021-41081
Zoho ManageEngine Network Configuration Manager before ??125465 is vulnerable to SQL Injection in a configuration search.
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Network Configuration Manager 12.3
1 Github repository
9.8
CVSSv3
CVE-2021-42002
Zoho ManageEngine ADManager Plus prior to 7115 is vulnerable to a filter bypass that leads to file-upload remote code execution.
Zohocorp Manageengine Admanager Plus 7.1
Zohocorp Manageengine Admanager Plus
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »