Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-37927: ADManager Plus's Release Notes For Highlights and Information about the Latest Release - Windows Active Directory and Exchange Management, Reporting, Delegation, Automation Tool

Zoho ManageEngine ADManager Plus version 7110 and prior allows account takeover via SSO.

CVE

Related news

CVE-2021-41833

Zoho ManageEngine Patch Connect Plus before 90099 is vulnerable to unauthenticated remote code execution.

CVE-2021-42278: Active Directory Domain Services Elevation of Privilege Vulnerability

*Where can I find more information about Active Directory SAM Account hardening changes?* See Active Directory SAM Account hardening changes.

CVE-2021-42291: Active Directory Domain Services Elevation of Privilege Vulnerability

*Where can I find more information about Active Directory permissions updates?* See Active Directory permissions updates.

CVE-2021-42287: Active Directory Domain Services Elevation of Privilege Vulnerability

*Where can I find more information about the improved authentication process added by the update for CVE-2021-42287?* See Authentication updates.

CVE-2020-24743: List of bug fixes and feature enhancements - ManageEngine Applications Manager

An issue was found in /showReports.do Zoho ManageEngine Applications Manager up to 14550, allows attackers to gain escalated privileges via the resourceid parameter.

CVE-2021-37922: ADManager Plus's Release Notes For Highlights and Information about the Latest Release - Windows Active Directory and Exchange Management, Reporting, Delegation, Automation Tool

Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to path traversal which allows copying of files from one directory to another.

CVE-2021-37761: ADManager Plus's Release Notes For Highlights and Information about the Latest Release - Windows Active Directory and Exchange Management, Reporting, Delegation, Automation Tool

Zoho ManageEngine ADManager Plus version 7110 and prior is vulnerable to unrestricted file upload, leading to remote code execution.

CVE-2021-22526: Potential redirection vulnerability (CVE-2021-22526)

Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

CVE-2021-22527: Potential information leakage vulnerability (CVE-2021-22527)

Information leakage vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907