Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
analyzer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-1642
Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request.
Manageengine Firewall Analyzer 4.0
8.8
CVSSv3
CVE-2019-19774
An issue exists in Zoho ManageEngine EventLog Analyzer 10.0 SP1 before Build 12110. By running "select hostdetails from hostdetails" at the /event/runquery.do endpoint, it is possible to bypass the security restrictions that prevent even administrative users from viewin...
Zohocorp Manageengine Eventlog Analyzer
1 EDB exploit
NA
CVE-2008-1775
Cross-site scripting (XSS) vulnerability in mindex.do in ManageEngine Firewall Analyzer 4.0.3 allows remote malicious users to inject arbitrary web script or HTML via the displayName parameter. NOTE: the provenance of this information is unknown; the details are obtained solely f...
Manageengine Firewall Analyzer 4.0.3
NA
CVE-2015-2959
Zoho NetFlow Analyzer build 10250 and previous versions does not check for administrative authorization, which allows remote malicious users to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role.
Zohocorp Manageengine Netflow Analyzer -
NA
CVE-2015-2961
Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow Analyzer build 10250 and previous versions allows remote malicious users to hijack the authentication of administrators.
Zohocorp Manageengine Netflow Analyzer -
NA
CVE-2003-1583
Cross-site scripting (XSS) vulnerability in WebTrends allows remote malicious users to inject arbitrary web script or HTML via a crafted client domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
Webtrends Webtrends Log Analyzer
NA
CVE-2007-1194
Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows malicious users to produ...
Norman Norman Sandbox Analyzer
5.4
CVSSv3
CVE-2020-2244
Jenkins Build Failure Analyzer Plugin 1.27.0 and previous versions does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to provide console output for builds used to test build log indica...
Jenkins Build Failure Analyzer
NA
CVE-2015-4418
Zoho NetFlow Analyzer build 10250 and previous versions does not have an off autocomplete attribute for a password field, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Zohocorp Manageengine Netflow Analyzer -
6.5
CVSSv3
CVE-2020-14693
Vulnerability in the Oracle Insurance Accounting Analyzer product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affected are 8.0.6-8.0.9. Easily exploitable vulnerability allows low privileged attacker with network access via H...
Oracle Insurance Accounting Analyzer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »