Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
analyzer vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43499
Jenkins Build Failure Analyzer Plugin 2.4.1 and previous versions does not escape Failure Cause names in build logs, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to create or update Failure Causes.
Jenkins Build Failure Analyzer
NA
CVE-2023-43500
A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and previous versions allows malicious users to connect to an attacker-specified hostname and port using attacker-specified username and password.
Jenkins Build Failure Analyzer
NA
CVE-2023-43501
A missing permission check in Jenkins Build Failure Analyzer Plugin 2.4.1 and previous versions allows attackers with Overall/Read permission to connect to an attacker-specified hostname and port using attacker-specified username and password.
Jenkins Build Failure Analyzer
NA
CVE-2023-43502
A cross-site request forgery (CSRF) vulnerability in Jenkins Build Failure Analyzer Plugin 2.4.1 and previous versions allows malicious users to delete Failure Causes.
Jenkins Build Failure Analyzer
NA
CVE-2023-33231
XSS attack was possible in DPA 2023.2 due to insufficient input validation
Solarwinds Database Performance Analyzer
383
VMScore
CVE-2018-10803
Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 prior to 12.3.125 (build 123125) allows remote malicious users to inject arbitrary web script or HTML via a crafted description value. This can be exploited t...
Zohocorp Manageengine Netflow Analyzer
585
VMScore
CVE-2014-6039
ManageEngine EventLog Analyzer version 7 up to and including 9.9 build 9002 has a Credentials Disclosure Vulnerability. Fixed version 10 Build 10000.
Zohocorp Manageengine Eventlog Analyzer
1 EDB exploit
2 Metasploit modules
312
VMScore
CVE-2008-1775
Cross-site scripting (XSS) vulnerability in mindex.do in ManageEngine Firewall Analyzer 4.0.3 allows remote malicious users to inject arbitrary web script or HTML via the displayName parameter. NOTE: the provenance of this information is unknown; the details are obtained solely f...
Manageengine Firewall Analyzer 4.0.3
1000
VMScore
CVE-2006-3838
Multiple stack-based buffer overflows in eIQnetworks Enterprise Security Analyzer (ESA) prior to 2.5.0, as used in products including (a) Sidewinder, (b) iPolicy Security Manager, (c) Astaro Report Manager, (d) Fortinet FortiReporter, (e) Top Layer Network Security Analyzer, and ...
Eiqnetworks Enterprise Security Analyzer
6 EDB exploits
435
VMScore
CVE-2012-4891
Cross-site scripting (XSS) vulnerability in fw/index2.do in ManageEngine Firewall Analyzer 7.2 allows remote malicious users to inject arbitrary web script or HTML via the url parameter, a different vector than CVE-2012-4889. NOTE: the provenance of this information is unknown; t...
Manageengine Firewall Analyzer 7.2
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »