Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
analyzer vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2017-11687
Multiple Persistent cross-site scripting (XSS) vulnerabilities in Event log parsing and Display functions in Zoho ManageEngine Event Log Analyzer 11.4 and 11.5 allow remote malicious users to inject arbitrary web script or HTML via syslog.
Zohocorp Manageengine Eventlog Analyzer 11.5
Zohocorp Manageengine Eventlog Analyzer 11.4
7.8
CVSSv3
CVE-2023-31197
Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Intel Trace Analyzer And Collector
Intel Trace Analyzer And Collector 2020
8.2
CVSSv3
CVE-2022-35404
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server machine.
Zohocorp Manageengine Opmanager
Zohocorp Manageengine Opmanager 12.5
Zohocorp Manageengine Network Configuration Manager 12.5
Zohocorp Manageengine Network Configuration Manager
Zohocorp Manageengine Netflow Analyzer 12.5
Zohocorp Manageengine Netflow Analyzer
Zohocorp Manageengine Firewall Analyzer
Zohocorp Manageengine Firewall Analyzer 12.5
7.1
CVSSv3
CVE-2023-6194
In Eclipse Memory Analyzer versions 0.7 to 1.14.0, report definition XML files are not filtered to prohibit document type definition (DTD) references to external entities. This means that if a user chooses to use a malicious report definition XML file containing an external entit...
Eclipse Memory Analyzer
NA
CVE-2014-9373
Directory traversal vulnerability in the CollectorConfInfoServlet servlet in ManageEngine NetFlow Analyzer allows remote malicious users to execute arbitrary code via a .. (dot dot) in the filename.
Manageengine Netflow Analyzer -
9
CVSSv3
CVE-2019-17634
Eclipse Memory Analyzer version 1.9.1 and previous versions is subject to a cross site scripting (XSS) vulnerability when generating an HTML report from a malicious heap dump. The user must chose todownload, open the malicious heap dump and generate an HTML report for the problem...
Eclipse Memory Analyzer
7.8
CVSSv3
CVE-2019-17635
Eclipse Memory Analyzer version 1.9.1 and previous versions is subject to a deserialization vulnerability if an index file of a parsed heap dump is replaced by a malicious version and the heap dump is reopened in Memory Analyzer. The user must chose to reopen an already parsed he...
Eclipse Memory Analyzer
6.1
CVSSv3
CVE-2021-28924
Self Authenticated XSS in Nagios Network Analyzer prior to 2.4.2 via the nagiosna/groups/queries page.
Nagios Network Analyzer
6.5
CVSSv3
CVE-2023-43501
A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password.
Jenkins Build Failure Analyzer
7.5
CVSSv3
CVE-2022-38112
In DPA 2022.4 and older releases, generated heap memory dumps contain sensitive information in cleartext.
Solarwinds Database Performance Analyzer
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »