Vulnerabilities > Zohocorp > Manageengine Adaudit Plus > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-04-05 | CVE-2022-24978 | Insufficiently Protected Credentials vulnerability in Zohocorp Manageengine Adaudit Plus Zoho ManageEngine ADAudit Plus before 7055 allows authenticated Privilege Escalation on Integrated products. | 8.8 |
| 2020-05-08 | CVE-2020-11531 | Path Traversal vulnerability in Zohocorp products The DataEngine Xnode Server application in Zoho ManageEngine DataSecurity Plus prior to 6.0.1 does not validate the database schema name when handling a DR-SCHEMA-SYNC request. | 8.8 |
| 2018-12-13 | CVE-2018-19118 | Out-of-bounds Write vulnerability in Zohocorp Manageengine Adaudit Plus 4.1.0/4.5.0/5.0.0 Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attackers to cause a denial of service (stack-based buffer overflow) via the 'Domain Name' field when adding a new domain. | 7.5 |