Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
analyzer vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2015-7781
ManageEngine Firewall Analyzer prior to 8.0 does not restrict access permissions.
Zohocorp Manageengine Firewall Analyzer
7.5
CVSSv2
CVE-2015-7387
ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and previous versions allows remote malicious users to bypass intended restrictions and execute arbitrary SQL commands via an allowed query followed by a disallowed one in the query parameter to event/runQuery.do, as demonstrat...
Zohocorp Manageengine Eventlog Analyzer
2 EDB exploits
4
CVSSv2
CVE-2015-7780
Directory traversal vulnerability in ManageEngine Firewall Analyzer prior to 8.0.
Zohocorp Manageengine Firewall Analyzer
NA
CVE-2023-33231
XSS attack was possible in DPA 2023.2 due to insufficient input validation
Solarwinds Database Performance Analyzer
5
CVSSv2
CVE-2015-4418
Zoho NetFlow Analyzer build 10250 and previous versions does not have an off autocomplete attribute for a password field, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Zohocorp Manageengine Netflow Analyzer -
7.5
CVSSv2
CVE-2010-4840
Multiple buffer overflows in the Syslog server in ManageEngine EventLog Analyzer 6.1 allow remote malicious users to cause a denial of service (SysEvttCol.exe process crash) or possibly execute arbitrary code via a long Syslog PRI message header to UDP port (1) 513 or (2) 514. Fi...
Manageengine Eventlog Analyzer 6.1
6.8
CVSSv2
CVE-2019-16553
A cross-site request forgery vulnerability in Jenkins Build Failure Analyzer Plugin 1.24.1 and previous versions allows malicious users to have Jenkins evaluate a computationally expensive regular expression.
Jenkins Build Failure Analyzer
4
CVSSv2
CVE-2019-16554
A missing permission check in Jenkins Build Failure Analyzer Plugin 1.24.1 and previous versions allows attackers with Overall/Read permission to have Jenkins evaluate a computationally expensive regular expression.
Jenkins Build Failure Analyzer
4
CVSSv2
CVE-2007-1642
Unspecified vulnerability in ManageEngine Firewall Analyzer allows remote authenticated users to "access any common file" via a direct URL request.
Manageengine Firewall Analyzer 4.0
3.5
CVSSv2
CVE-2008-1775
Cross-site scripting (XSS) vulnerability in mindex.do in ManageEngine Firewall Analyzer 4.0.3 allows remote malicious users to inject arbitrary web script or HTML via the displayName parameter. NOTE: the provenance of this information is unknown; the details are obtained solely f...
Manageengine Firewall Analyzer 4.0.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »