Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
analyzer vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-38110
In Database Performance Analyzer (DPA) 2022.4 and older releases, certain URL vectors are susceptible to authenticated reflected cross-site scripting.
Solarwinds Database Performance Analyzer
7.5
CVSSv3
CVE-2022-38112
In DPA 2022.4 and older releases, generated heap memory dumps contain sensitive information in cleartext.
Solarwinds Database Performance Analyzer
8.8
CVSSv3
CVE-2019-19774
An issue exists in Zoho ManageEngine EventLog Analyzer 10.0 SP1 before Build 12110. By running "select hostdetails from hostdetails" at the /event/runquery.do endpoint, it is possible to bypass the security restrictions that prevent even administrative users from viewin...
Zohocorp Manageengine Eventlog Analyzer
1 EDB exploit
NA
CVE-2015-7387
ZOHO ManageEngine EventLog Analyzer 10.6 build 10060 and previous versions allows remote malicious users to bypass intended restrictions and execute arbitrary SQL commands via an allowed query followed by a disallowed one in the query parameter to event/runQuery.do, as demonstrat...
Zohocorp Manageengine Eventlog Analyzer
2 EDB exploits
6.5
CVSSv3
CVE-2020-14693
Vulnerability in the Oracle Insurance Accounting Analyzer product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affected are 8.0.6-8.0.9. Easily exploitable vulnerability allows low privileged attacker with network access via H...
Oracle Insurance Accounting Analyzer
6.5
CVSSv3
CVE-2015-7780
Directory traversal vulnerability in ManageEngine Firewall Analyzer prior to 8.0.
Zohocorp Manageengine Firewall Analyzer
7.8
CVSSv3
CVE-2023-27505
Incorrect default permissions in some Intel(R) Advanced Link Analyzer Standard Edition software installers before version 22.1 .1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Advanced Link Analyzer
NA
CVE-2013-7318
Cross-site scripting (XSS) vulnerability in BusinessFlow/login in AlgoSec Firewall Analyzer 6.4 allows remote malicious users to inject arbitrary web script or HTML via the message parameter.
Algosec Firewall Analyzer 6.4
6.1
CVSSv3
CVE-2016-4988
Cross-site scripting (XSS) vulnerability in the Build Failure Analyzer plugin prior to 1.16.0 in Jenkins allows remote malicious users to inject arbitrary web script or HTML via an unspecified parameter.
Jenkins Build Failure Analyzer
7.1
CVSSv3
CVE-2020-2937
Vulnerability in the Oracle Insurance Accounting Analyzer product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affected are 8.0.6 - 8.0.9. Easily exploitable vulnerability allows low privileged attacker with network access via...
Oracle Insurance Accounting Analyzer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »