Skip to main content
CVE-2015-9107 CRITICAL Act Now

Zoho ManageEngine OpManager 11 through 12.2 uses a custom encryption algorithm to protect the credential used to access the monitored devices. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zoho Manageengine Opmanager
NVD GitHub
CVSS 3.0
9.8
EPSS
1.7%
CVE-2017-10817 CRITICAL Act Now

MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote attackers to bypass authentication to alter settings in Relay Service Server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Malion
NVD
CVSS 3.1
9.8
EPSS
1.0%
CVE-2017-10816 CRITICAL Act Now

SQL injection vulnerability in the MaLion for Windows and Mac 5.0.0 to 5.2.1 allows remote attackers to execute arbitrary SQL commands via Relay Service Server. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft SQLi Malion
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2017-12424 CRITICAL PATCH Act Now

In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Shadow Debian Linux
NVD GitHub
CVSS 3.1
9.8
EPSS
0.6%
CVE-2017-10818 CRITICAL Act Now

MaLion for Windows and Mac versions 3.2.1 to 5.2.1 uses a hardcoded cryptographic key which may allow an attacker to alter the connection settings of Terminal Agent and spoof the Relay Service. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Authentication Bypass Malion
NVD
CVSS 3.1
9.8
EPSS
0.4%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy