Known Vulnerabilities for products from Manageengine
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Manageengine".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-28756 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-28754 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-28703 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-27655 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-5785 json | Not Provided | 2026-04-16 | 2026-04-17 | |
| CVE-2026-4108 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-4107 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-3880 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-3879 json | Not Provided | 2026-04-03 | 2026-04-03 | |
| CVE-2026-3324 json | Not Provided | 2026-04-16 | 2026-04-16 | |
| CVE-2021-28960 json | Zoho ManageEngine Desktop Central before build 10.0.683 allows unauthenticated command injection due to improper handling of ... | 9.8 - CRITICAL | 2021-09-21 | 2021-11-28 |
| CVE-2020-19554 json | Cross Site Scripting (XSS) vulnerability exists in ManageEngine OPManager <=12.5.174 when the API key contains an XML-based X... | 6.1 - MEDIUM | 2021-09-21 | 2021-09-29 |
| CVE-2018-15608 json | Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Technicians" screen. | 6.1 - MEDIUM | 2018-08-28 | 2020-08-24 |
| CVE-2017-11512 json | The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname ... | 7.5 - HIGH | 2017-11-08 | 2019-10-09 |
| CVE-2017-11511 json | The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname ... | 7.5 - HIGH | 2017-11-08 | 2019-10-09 |
| CVE-2016-9490 json | ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from a Reflected Cross-Site Scripting vulnerab... | 6.1 - MEDIUM | 2018-06-05 | 2018-08-07 |
| CVE-2016-9488 json | ManageEngine Applications Manager versions 12 and 13 before build 13200 suffer from remote SQL injection vulnerabilities. An ... | 9.8 - CRITICAL | 2018-06-05 | 2020-07-27 |
| CVE-2015-8249 json | The FileUploadServlet class in ManageEngine Desktop Central 9 before build 91093 allows remote attackers to upload and execut... | 9.8 - CRITICAL | 2017-09-28 | 2017-10-06 |
| CVE-2015-1480 json | ZOHO ManageEngine ServiceDesk Plus (SDP) before 9.0 build 9031 allows remote authenticated users to obtain sensitive ticket i... | 4 - MEDIUM | 2015-02-04 | 2018-10-09 |
| CVE-2014-9373 json | Directory traversal vulnerability in the CollectorConfInfoServlet servlet in ManageEngine NetFlow Analyzer allows remote atta... | 10 - HIGH | 2014-12-16 | 2014-12-17 |
Known software with vulnerabilities from Manageengine
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Manageengine | Desktop Central | 10.0.282 |
| Application | Manageengine | Netflow Analyzer | - |
| Application | Manageengine | Opmanager | - |
| Application | Manageengine | Oputils | 7.0 |
| Application | Manageengine | Servicedesk | 9.3.9328 |