Zoho ManageEngine OPManager through 126323 allows an authenticated user to achieve remote code execution via probe...
8.8CVSS
8.9AI Score
0.006EPSS
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 125658, 126003, 126105, and 126120 allow authenticated users to make database changes that lead to remote code execution in the NMAP...
8.8CVSS
8.9AI Score
0.009EPSS
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, Firewall Analyzer, and OpUtils before 2022-07-27 through 2022-07-28 (125657, 126002, 126104, and 126118) allow unauthenticated attackers to obtain a user's API key, and then access external....
7.5CVSS
7.4AI Score
0.004EPSS
Zoho ManageEngine OpManager, OpManager Plus, OpManager MSP, Network Configuration Manager, NetFlow Analyzer, and OpUtils before 2022-07-29 through 2022-07-30 ( 125658, 126003, 126105, and 126120) allow authenticated users to make database changes that lead to remote code...
8.8CVSS
8.9AI Score
0.006EPSS
ManageEngine Password Manager Pro 12100 and prior and OPManager 126100 and prior are vulnerable to unauthorized file and directory creation on a server...
8.2CVSS
8AI Score
0.004EPSS
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default...
9.8CVSS
9.8AI Score
0.089EPSS
Zoho ManageEngine OpManager before 125588 (and before 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports...
8.8CVSS
8.9AI Score
0.002EPSS
OpUtils in Zoho ManageEngine OpManager 12.5 before 125490 mishandles authentication for a few audit...
9.8CVSS
9.5AI Score
0.005EPSS
Zoho ManageEngine OpManager before 125437 is vulnerable to SQL Injection in the support diagnostics module. This occurs via the pollingObject parameter of the getDataCollectionFailureReason...
9.8CVSS
9.8AI Score
0.02EPSS
The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module...
9.8CVSS
9.8AI Score
0.01EPSS
Zoho ManageEngine OpManager version 125466 and below is vulnerable to SQL Injection in the getReportData...
9.8CVSS
9.8AI Score
0.01EPSS
Zoho ManageEngine OpManager before 12.5.329 allows unauthenticated Remote Code Execution due to a general bypass in the deserialization...
9.8CVSS
9.7AI Score
0.394EPSS
Manage Engine OpManager builds below 125346 are vulnerable to a remote denial of service vulnerability due to a path traversal issue in spark gateway component. This allows a remote attacker to remotely delete any directory or directories on the...
9.1CVSS
8.9AI Score
0.142EPSS
Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution via the Smart Update Manager (SUM)...
9.8CVSS
9.6AI Score
0.637EPSS