ManageEngine — Vulnerabilities & Security Advisories 86

Browse all 86 CVE security advisories affecting ManageEngine. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Paused
CVE-2024-27310	DOS Vulnerability — ADSelfService PlusCWE-90	5.3	Medium	2024-05-27
CVE-2024-27314	Stored XSS Vulnerability — ServiceDesk Plus, ServiceDesk Plus MSP, SupportCenter PlusCWE-79	2.4	Low	2024-05-27
CVE-2024-21791	SQL Injection in ADAudit Plus — ADAudit PlusCWE-89	4.7	Medium	2024-05-22
CVE-2023-49335	ZOHO ManageEngine ADAudit Plus 安全漏洞 — ADAudit Plus	8.3	High	2024-05-20
CVE-2023-49334	ZOHO ManageEngine ADAudit Plus 安全漏洞 — ADAudit Plus	8.3	High	2024-05-20
CVE-2023-49333	ZOHO ManageEngine ADAudit Plus 安全漏洞 — ADAudit Plus	8.3	High	2024-05-20
CVE-2023-49332	ZOHO ManageEngine ADAudit Plus 安全漏洞 — ADAudit Plus	8.3	High	2024-05-20
CVE-2023-49331	ZOHO ManageEngine ADAudit Plus 安全漏洞 — ADAudit Plus	8.3	High	2024-05-20
CVE-2024-27312	Authorization vulnerability in PAM360 — PAM360CWE-863	8.1	High	2024-05-20
CVE-2023-49330	Zoho ManageEngine ADAudit Plus 安全漏洞 — ADAudit Plus	8.3	High	2024-05-20
CVE-2024-21775	SQL Injection — Exchange Reporter PlusCWE-89	8.3	High	2024-02-16
CVE-2024-0269	SQL Injection — ADAudit PlusCWE-89	8.3	High	2024-02-02
CVE-2024-0253	SQL Injection — ADAudit PlusCWE-89	8.3	High	2024-02-02
CVE-2024-0252	Remote code execution — ADSelfService PlusCWE-94	8.8	High	2024-01-11
CVE-2023-47211	ZOHO ManageEngine OpManager 路径遍历漏洞 — OpManagerCWE-22	9.1	Critical	2024-01-08
CVE-2023-6105	ManageEngine Information Disclosure in Multiple Products — Service Desk PlusCWE-200	5.5	Medium	2023-11-15
CVE-2023-4769	Server-Side Request Forgery in ManageEngine Desktop Central — Desktop CentralCWE-918	6.6	Medium	2023-11-03
CVE-2023-4768	Improper Neutralization of CRLF Sequences in ManageEngine Desktop Central — Desktop CentralCWE-93	6.1	Medium	2023-11-03
CVE-2023-4767	Improper Neutralization of CRLF Sequences in ManageEngine Desktop Central — Desktop CentralCWE-93	6.1	Medium	2023-11-03
CVE-2023-35719	ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability — ADSelfService PlusCWE-345	6.8	-	2023-09-06
CVE-2022-43473	ManageEngine OpManager 代码问题漏洞 — OpManagerCWE-611	5.8	Medium	2023-03-30
CVE-2016-9498	ManageEngine Applications Manager 12 and 13, allows unserialization of unsafe Java objects — Applications ManagerCWE-502	9.8	-	2018-07-13
CVE-2016-9491	ManageEngine Applications Manager 12 and 13 is vulnerable to privilege escalation due to improper restriction of an XML external entity — Applications ManagerCWE-611	4.9	-	2018-07-13
CVE-2016-9489	ManageEngine Applications Manager 12 and 13 is vulnerable to privilege escalation and authentication bypass — Applications ManagerCWE-269	8.1	-	2018-07-13
CVE-2016-9488	ManageEngine Applications Manager versions 12 and 13 suffer from remote SQL injection vulnerabilities — Applications ManagerCWE-89	9.8	-	2018-06-05
CVE-2016-9490	ManageEngine Applications Manager versions 12 and 13 suffer from a Reflected Cross-Site Scripting vulnerability — Applications ManagerCWE-79	6.1	-	2018-06-05

This page lists every published CVE security advisory associated with ManageEngine. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Support Us — Your donation helps us keep running

ManageEngine — Vulnerabilities & Security Advisories 86