Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
analyzer vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-7405
Cross-site scripting (XSS) in Zoho ManageEngine EventLog Analyzer prior to 11.12 Build 11120 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Zohocorp Manageengine Eventlog Analyzer
2.1
CVSSv2
CVE-2007-1194
Norman SandBox Analyzer does not use the proper range for Interrupt Descriptor Table (IDT) entries, which allows local users to determine that the local machine is an emulator, or a similar environment not based on a physical Intel processor, which allows malicious users to produ...
Norman Norman Sandbox Analyzer
5
CVSSv2
CVE-2018-12997
Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows malicious u...
Zohocorp Manageengine Netflow Analyzer -
Zohocorp Firewall Analyzer -
Zohocorp Manageengine Opmanager -
Zohocorp Manageengine Oputils -
Zohocorp Manageengine Network Configuration Manager -
4.3
CVSSv2
CVE-2018-12998
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote m...
Zohocorp Manageengine Netflow Analyzer -
Zohocorp Firewall Analyzer -
Zohocorp Manageengine Opmanager -
Zohocorp Manageengine Oputils -
Zohocorp Manageengine Network Configuration Manager -
10
CVSSv2
CVE-2016-2397
The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote malicious users to deserialize and execute arbitrary Java code via crafted XML data.
Sonicwall Uma Em5000 Firmware 8.0
Sonicwall Uma Em5000 Firmware 8.1
Sonicwall Uma Em5000 Firmware 7.2
Sonicwall Global Management System 7.2
Sonicwall Global Management System 8.0
Sonicwall Global Management System 8.1
Sonicwall Analyzer 8.0
Sonicwall Analyzer 7.2
Sonicwall Analyzer 8.1
9
CVSSv2
CVE-2016-2396
The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1 before Hotfix 168056 allows remote authenticated users to execute arbitrary commands via vectors related to configuration input.
Sonicwall Analyzer 7.2
Sonicwall Analyzer 8.0
Sonicwall Analyzer 8.1
Sonicwall Global Management System 7.2
Sonicwall Global Management System 8.0
Sonicwall Global Management System 8.1
Sonicwall Uma Em5000 Firmware 7.2
Sonicwall Uma Em5000 Firmware 8.0
Sonicwall Uma Em5000 Firmware 8.1
7.5
CVSSv2
CVE-2019-12196
A SQL injection vulnerability in /client/api/json/v2/nfareports/compareReport in Zoho ManageEngine NetFlow Analyzer 12.3 allows malicious users to execute arbitrary SQL commands via the DeviceID parameter.
Zohocorp Manageengine Netflow Analyzer 12.3
4.3
CVSSv2
CVE-2019-8926
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/popup1.jsp file via these GET parameters: bussAlert, customDev, and selSource.
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2019-8927
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in the Administration zone /netflow/jspui/scheduleConfig.jsp file via these GET parameters: devSrc, emailId, excWeekModify, filterFlag, getFilter, mailReport, mset, popup, rep_schedule, rep_Typ...
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2019-8928
An issue exists in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2. XSS exists in /netflow/jspui/userManagementForm.jsp via these GET parameters: authMeth, passWord, pwd1, and userName.
Zohocorp Manageengine Netflow Analyzer 7.0.0.2
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »