Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
applications manager vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2017-11557
An issue exists in ZOHO ManageEngine Applications Manager 12.3. It is possible for an unauthenticated user to view the list of domain names and usernames used in a company's network environment via a userconfiguration.do?method=editUser request.
Zohocorp Manageengine Applications Manager 12.3
6.8
CVSSv2
CVE-2017-11738
In Zoho ManageEngine Application Manager before 14.6 Build 14660, the 'haid' parameter of the '/auditLogAction.do' module is vulnerable to a Time-based Blind SQL Injection attack.
Zohocorp Manageengine Applications Manager 13.1
6.8
CVSSv2
CVE-2017-11740
In Zoho ManageEngine Application Manager 13.1 Build 13100, the administrative user has the ability to upload files/binaries that can be executed upon the occurrence of an alarm. An attacker can abuse this functionality by uploading a malicious script that can be executed on the r...
Zohocorp Manageengine Applications Manager 13.1
5
CVSSv2
CVE-2019-19800
Zoho ManageEngine Applications Manager 14 prior to 14520 allows a remote unauthenticated malicious user to disclose OS file names via FailOverHelperServlet.
Zohocorp Manageengine Applications Manager 14.0
3.5
CVSSv2
CVE-2016-1598
XSS in NetIQ IDM 4.5 Identity Applications prior to 4.5.4 allows attackers able to change their username to inject arbitrary HTML code into the Role Assignment administrator HTML pages.
Novell Identity Manager 4.5
Novell Identity Manager Identity Applications
7.5
CVSSv2
CVE-2016-0913
The client in EMC Replication Manager (RM) prior to 5.5.3.0_01-PatchHotfix, EMC Network Module for Microsoft 3.x, and EMC Networker Module for Microsoft 8.2.x prior to 8.2.3.6 allows remote RM servers to execute arbitrary commands by placing a crafted script in an SMB share.
Emc Replication Manager
Emc Networker Module For Microsoft Applications
Emc Networker Module For Microsoft Applications 3.0.1
Emc Networker Module For Microsoft Applications 3.0
5
CVSSv2
CVE-2014-7863
The FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine Applications Manager prior to 11.9 build 11912, OpManager 8 up to and including 11.5 build 11400, and IT360 10.5 and previous versions does not properly restrict access, which allows remote attackers and rem...
Zohocorp Manageengine Applications Manager
Zohocorp Manageengine It360
Zohocorp Manageengine Opmanager
1 EDB exploit
4
CVSSv2
CVE-2013-1525
Unspecified vulnerability in the Oracle Retail Integration Bus component in Oracle Industry Applications 13.0, 13.1, and 13.2 allows remote authenticated users to affect confidentiality via unknown vectors related to Retail Integration Bus Manager.
Oracle Industry Applications 13.0
Oracle Industry Applications 13.1
Oracle Industry Applications 13.2
10
CVSSv2
CVE-2012-0231
PRLicenseMgr.exe in the Proficy Server License Manager in GE Intelligent Platforms Proficy Plant Applications 5.0 and previous versions allows remote malicious users to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TCP session on p...
Ge Intelligent Platforms Proficy Plant Applications 215.8
Ge Intelligent Platforms Proficy Plant Applications 4.2.2
Ge Intelligent Platforms Proficy Plant Applications 4.2.3
Ge Intelligent Platforms Proficy Plant Applications
Ge Intelligent Platforms Proficy Plant Applications 4.4.1
Ge Intelligent Platforms Proficy Plant Applications 4.3.1
7.5
CVSSv2
CVE-2018-14720
FasterXML jackson-databind 2.x prior to 2.9.7 might allow malicious users to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
Fasterxml Jackson-databind 2.7.0
Fasterxml Jackson-databind
Fasterxml Jackson-databind 2.8.0
Fasterxml Jackson-databind 2.9.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Primavera Unifier
Oracle Communications Billing And Revenue Management 7.5
Oracle Communications Billing And Revenue Management 12.0
Oracle Financial Services Analytical Applications Infrastructure 8.0.2
Oracle Financial Services Analytical Applications Infrastructure 8.0.3
Oracle Financial Services Analytical Applications Infrastructure 8.0.4
Oracle Financial Services Analytical Applications Infrastructure 8.0.5
Oracle Financial Services Analytical Applications Infrastructure 8.0.6
Oracle Financial Services Analytical Applications Infrastructure 8.0.7
Oracle Banking Platform 2.6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »