Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
analyzer vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2015-2960
Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer build 10250 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Zohocorp Manageengine Netflow Analyzer -
4.3
CVSSv2
CVE-2003-1583
Cross-site scripting (XSS) vulnerability in WebTrends allows remote malicious users to inject arbitrary web script or HTML via a crafted client domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
Webtrends Webtrends Log Analyzer
4.3
CVSSv2
CVE-2012-4891
Cross-site scripting (XSS) vulnerability in fw/index2.do in ManageEngine Firewall Analyzer 7.2 allows remote malicious users to inject arbitrary web script or HTML via the url parameter, a different vector than CVE-2012-4889. NOTE: the provenance of this information is unknown; t...
Manageengine Firewall Analyzer 7.2
1 EDB exploit
7.5
CVSSv2
CVE-2015-7387
ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and previous versions allows remote malicious users to bypass intended restrictions and execute arbitrary SQL commands via an allowed query followed by a disallowed one in the query parameter to event/runQuery.do, as demonstrat...
Zohocorp Manageengine Eventlog Analyzer
2 EDB exploits
NA
CVE-2023-43499
Jenkins Build Failure Analyzer Plugin 2.4.1 and previous versions does not escape Failure Cause names in build logs, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or update Failure Causes.
Jenkins Build Failure Analyzer
NA
CVE-2023-43500
A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and previous versions allows malicious users to connect to an attacker-specified hostname and port using attacker-specified username and password.
Jenkins Build Failure Analyzer
NA
CVE-2023-43501
A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password.
Jenkins Build Failure Analyzer
NA
CVE-2023-43502
A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and previous versions allows malicious users to delete Failure Causes.
Jenkins Build Failure Analyzer
7.5
CVSSv2
CVE-2007-6081
AdventNet EventLog Analyzer build 4030 for Windows, and possibly other versions and platforms, installs a mysql instance with a default "root" account without a password, which allows remote malicious users to gain privileges and modify logs. Fixed in EventLog Analyzer ...
Adventnet Eventlog Analyzer Build 4030
2.1
CVSSv2
CVE-2007-1194
Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows malicious users to produ...
Norman Norman Sandbox Analyzer
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »