Filtered by vendor Zohocorp
Subscriptions
Total
496 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41829 | 1 Zohocorp | 1 Manageengine Remote Access Plus | 2024-11-21 | 7.5 High |
| Zoho ManageEngine Remote Access Plus before 10.1.2121.1 relies on the application's build number to calculate a certain encryption key. | ||||
| CVE-2021-41828 | 1 Zohocorp | 1 Manageengine Remote Access Plus | 2024-11-21 | 7.5 High |
| Zoho ManageEngine Remote Access Plus before 10.1.2121.1 has hardcoded credentials associated with resetPWD.xml. | ||||
| CVE-2021-41827 | 1 Zohocorp | 1 Manageengine Remote Access Plus | 2024-11-21 | 7.5 High |
| Zoho ManageEngine Remote Access Plus before 10.1.2121.1 has hardcoded credentials for read-only access. The credentials are in the source code that corresponds to the DCBackupRestore JAR archive. | ||||
| CVE-2021-41288 | 1 Zohocorp | 1 Manageengine Opmanager | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine OpManager version 125466 and below is vulnerable to SQL Injection in the getReportData API. | ||||
| CVE-2021-41081 | 1 Zohocorp | 1 Manageengine Network Configuration Manager | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine Network Configuration Manager before 125465 is vulnerable to SQL Injection in a configuration search. | ||||
| CVE-2021-41080 | 1 Zohocorp | 1 Manageengine Network Configuration Manager | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine Network Configuration Manager before 125465 is vulnerable to SQL Injection in a hardware details search. | ||||
| CVE-2021-41075 | 1 Zohocorp | 1 Manageengine Opmanager | 2024-11-21 | 9.8 Critical |
| The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API. | ||||
| CVE-2021-40493 | 1 Zohocorp | 1 Manageengine Opmanager | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason API. | ||||
| CVE-2021-40178 | 1 Zohocorp | 1 Manageengine Log360 | 2024-11-21 | 6.1 Medium |
| Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGO_PATH key value in the logon settings. | ||||
| CVE-2021-40177 | 1 Zohocorp | 1 Manageengine Log360 | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine Log360 before Build 5225 allows remote code execution via BCP file overwrite. | ||||
| CVE-2021-40176 | 1 Zohocorp | 1 Manageengine Log360 | 2024-11-21 | 6.1 Medium |
| Zoho ManageEngine Log360 before Build 5225 allows stored XSS. | ||||
| CVE-2021-40175 | 1 Zohocorp | 1 Manageengine Log360 | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine Log360 before Build 5219 allows unrestricted file upload with resultant remote code execution. | ||||
| CVE-2021-40174 | 1 Zohocorp | 1 Manageengine Log360 | 2024-11-21 | 8.8 High |
| Zoho ManageEngine Log360 before Build 5224 allows a CSRF attack for disabling the logon security settings. | ||||
| CVE-2021-40173 | 1 Zohocorp | 1 Manageengine Cloud Security Plus | 2024-11-21 | 8.8 High |
| Zoho ManageEngine Cloud Security Plus before Build 4117 allows a CSRF attack on the server proxy settings. | ||||
| CVE-2021-40172 | 1 Zohocorp | 1 Manageengine Log360 | 2024-11-21 | 8.8 High |
| Zoho ManageEngine Log360 before Build 5219 allows a CSRF attack on proxy settings. | ||||
| CVE-2021-3287 | 1 Zohocorp | 1 Manageengine Opmanager | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization class. | ||||
| CVE-2021-38298 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus before 7110 is vulnerable to blind XXE. | ||||
| CVE-2021-37931 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37930 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||
| CVE-2021-37929 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestricted file upload which leads to remote code execution. | ||||