How should we interpret CVSS severity scores?

CVSS estimates technical severity, but it does not automatically equal business risk. Prioritize using context like internet exposure, asset criticality, known exploitation, and whether compensating controls exist. A Medium CVSS on an exposed production system can be more urgent than a Critical on an isolated non-production host.

Vulnerability Database

Q: What is a Vulnerability (CVE) and why does it matter?

A security vulnerability is a weakness in software, hardware, or configuration that can be exploited to compromise confidentiality, integrity, or availability. Many vulnerabilities are tracked as CVEs (Common Vulnerabilities and Exposures), which provide a standardized identifier so teams can coordinate patching, mitigation, and risk assessment across tools and vendors.

Q: What's the difference between a vulnerability, an exploit, and a zero-day?

A vulnerability is the underlying weakness. An exploit is the method or code used to take advantage of it. A zero-day is a vulnerability that is unknown to the vendor or has no publicly available fix when attackers begin using it. Risk increases sharply when exploitation becomes reliable or widespread.

Q: Why do vulnerabilities keep reappearing in our environment?

Recurring findings usually come from incomplete asset discovery, inconsistent patch management, inherited images, and configuration drift. In modern environments, you also need to watch the software supply chain: dependencies, containers, build pipelines, and third-party services can reintroduce the same weakness even after you patch a single host.

Q: How do we prioritize remediation without burning out the team?

Use a repeatable triage model: focus first on externally exposed assets, high-value systems (identity, VPN, email, production), vulnerabilities with known exploits, and issues that enable remote code execution or privilege escalation. Then enforce patch SLAs and track progress so remediation is steady, not reactive.

Q: How can SynScan help reduce vulnerability risk over time?

SynScan combines attack surface monitoring and continuous security auditing to keep your inventory current, flag high-impact vulnerabilities early, and help you turn raw findings into a practical remediation plan.

328,409

Total vulnerabilities in the database

Vulnerabilities for products matching "enterprise_manager"

Found 6 matching products. Filters apply to all results.

You can search for specific versions with /product/enterprise_manager/1.2.3

oracle / enterprise_manager

33 vulnerabilities found

Title	Severity	Date	Affected Version
CVE-2024-20916	High	January 16, 2024 1/16/24	== 13.5.0.0
CVE-2021-2008	High	April 22, 2021 4/22/21	== 11.1.1.9 == 12.2.1.3
CVE-2021-2134	Medium	April 22, 2021 4/22/21	== 12.2.1.4
CVE-2020-2641	Medium	January 15, 2020 1/15/20	== 12.1.0.5 == 13.3.0.0 == 13.2.0.0
CVE-2020-2637	Medium	January 15, 2020 1/15/20	== 12.1.0.5 == 13.3.0.0 == 13.2.0.0
CVE-2020-2638	Medium	January 15, 2020 1/15/20	== 12.1.0.5 == 13.3.0.0 == 13.2.0.0
CVE-2020-2640	Medium	January 15, 2020 1/15/20	== 12.1.0.5 == 13.3.0.0 == 13.2.0.0
CVE-2019-2895	High	October 16, 2019 10/16/19	== 12.1.0.5.0 == 13.2.2.0.0 == 13.3.1.0.0 == 13.3.2.0.0
CVE-2018-11040	High	June 25, 2018 6/25/18	== 13.2
CVE-2013-3758	Low	July 17, 2013 7/17/13	== 10.2.0.5 == 11.1.0.1
CVE-2013-3791	Low	July 17, 2013 7/17/13	== 10.2.0.5
CVE-2009-1966	Medium	July 14, 2009 7/14/09	== 10.2.0.4
CVE-2009-1967	Medium	July 14, 2009 7/14/09	== 10.2.0.4
CVE-2008-2603	Low	July 15, 2008 7/15/08	== 10.2.0.4 == 10.1.0.5 == 11.1.0.6
CVE-2007-5531	High	October 17, 2007 10/17/07	== 10.1.0.6
CVE-2007-2129	High	April 18, 2007 4/18/07	== 9.2.0.8
CVE-2007-0292	High	January 17, 2007 1/17/07	== 10.1.0.5
CVE-2007-0293	Medium	January 17, 2007 1/17/07	== 10.2.0.1 == 10.1.0.5
CVE-2007-0294	Low	January 17, 2007 1/17/07	== 10.2.0.1
CVE-2006-3719	Medium	July 21, 2006 7/21/06	== 9.2.0.1 == 9.0.1.0
CVE-2006-3720	Medium	July 21, 2006 7/21/06	== 10.1.0.3
CVE-2006-3721	High	July 21, 2006 7/21/06	== 10.2.0.1 == 10.1.0.5
CVE-2006-1885	High	April 20, 2006 4/20/06	== 9.0.1.5 == 9.2.0.7
CVE-2004-1362	High	August 4, 2004 8/4/04	== 9.0.1 == 9
CVE-2004-1363	Critical	August 4, 2004 8/4/04	== 9.0.1 == 9
CVE-2004-1364	High	August 4, 2004 8/4/04	== 9.0.1 == 9
CVE-2004-1365	Low	August 4, 2004 8/4/04	== 9.0.1 == 9
CVE-2004-1366	Low	August 4, 2004 8/4/04	== 9.0.1 == 9
CVE-2004-1367	Low	August 4, 2004 8/4/04	== 9.0.1 == 9
CVE-2004-1368	High	August 4, 2004 8/4/04	== 9.0.1 == 9
CVE-2004-1369	Medium	August 4, 2004 8/4/04	== 9.0.1 == 9
CVE-2004-1370	High	August 4, 2004 8/4/04	== 9.0.1 == 9
CVE-2004-1371	High	August 4, 2004 8/4/04	== 9.0.1 == 9

avaya / enterprise_manager

1 vulnerabilities found

Title	Severity	Exploit	Date	Affected Version
CVE-2011-1229	High		April 13, 2011 4/13/11	*

f5 / enterprise_manager

39 vulnerabilities found

Title	Severity	Date	Affected Version
CVE-2020-5854	Medium	February 6, 2020 2/6/20	== 3.1.1
CVE-2014-5209	Medium	January 8, 2020 1/8/20	== 3.1.1
CVE-2019-19151	Medium	December 23, 2019 12/23/19	== 3.1.1
CVE-2019-6665	Critical	November 27, 2019 11/27/19	== 3.1.1
CVE-2019-6663	Medium	November 15, 2019 11/15/19	== 3.1.1
CVE-2018-12207	Medium	November 14, 2019 11/14/19	== 3.1.1
CVE-2019-6471	Medium	October 9, 2019 10/9/19	== 3.1.1
CVE-2018-5743	High	October 9, 2019 10/9/19	== 3.1.1
CVE-2018-14880	High	October 3, 2019 10/3/19	== 3.1.1
CVE-2018-14468	High	October 3, 2019 10/3/19	== 3.1.1
CVE-2019-6651	Medium	September 25, 2019 9/25/19	== 3.1.1
CVE-2019-6646	Medium	September 4, 2019 9/4/19	== 3.1.1
CVE-2019-6642	High	July 1, 2019 7/1/19	== 3.1.1
CVE-2019-11479	High	June 19, 2019 6/19/19	== 3.1.1
CVE-2019-6597	Medium	March 13, 2019 3/13/19	== 3.1.1
CVE-2019-6598	Low	March 13, 2019 3/13/19	== 3.1.1
CVE-2018-15329	Medium	December 20, 2018 12/20/18	== 3.1.1
CVE-2018-15328	Medium	December 12, 2018 12/12/18	== 3.1.1
CVE-2018-15321	Medium	October 31, 2018 10/31/18	== 3.1.1
CVE-2018-15322	Low	October 31, 2018 10/31/18	== 3.1.1
CVE-2018-15327	Medium	October 31, 2018 10/31/18	== 3.1.1
CVE-2018-14634	High	September 25, 2018 9/25/18	== 3.1.1
CVE-2018-5540	Low	July 19, 2018 7/19/18	== 3.1.1
CVE-2018-5523	Medium	June 1, 2018 6/1/18	== 3.1.1
CVE-2016-7469	Low	June 9, 2017 6/9/17	== 3.1.1
CVE-2017-6128	Medium	May 1, 2017 5/1/17	== 3.1.1
CVE-2016-5022	High	September 7, 2016 9/7/16	== 3.1.1
CVE-2015-4040	Low	September 17, 2015 9/17/15	== 3.1.0 == 3.0.0 == 3.1.1
CVE-2015-4047	High	May 29, 2015 5/29/15	>= 3.0.0 <= 3.1.1
CVE-2014-6032	Medium	November 1, 2014 11/1/14	== 2.2.0 == 2.1.0 == 3.1.0 == 3.0.0 == 3.1.1 == 2.3.0
CVE-2014-4023	Low	October 28, 2014 10/28/14	== 2.2.0 == 2.1.0 == 3.1.0 == 3.0.0 == 3.1.1 == 2.3.0
CVE-2014-2927	High	October 15, 2014 10/15/14	== 2.3.0 == 3.1.0 == 3.0.0 == 2.2.0 == 2.1.0 == 3.1.1
CVE-2014-7169	Critical	September 25, 2014 9/25/14	>= 3.0.0 <= 3.1.1 >= 2.1.0 <= 2.3.0
CVE-2014-6271	Critical	September 24, 2014 9/24/14	>= 3.0.0 <= 3.1.1 >= 2.1.0 <= 2.3.0
CVE-2014-4027	Low	June 23, 2014 6/23/14	>= 3.0.0 <= 3.1.1
CVE-2014-3959	Low	June 3, 2014 6/3/14	== 3.0.0 == 3.1.1
CVE-2014-0196	Medium	May 7, 2014 5/7/14	== 3.1.0 == 3.1.1
CVE-2012-1493	High	July 9, 2012 7/9/12	== 2.2.0 == 2.1.0-hf1 * == 2.1.0 == 2.3.0-hf2 == 2.0 == 2.3.0 == 1.0
CVE-2011-3188	Critical	May 24, 2012 5/24/12	== 3.0.0 >= 2.1.0 <= 2.3.0

netgain-systems / enterprise_manager

25 vulnerabilities found

Title	Severity	Date	Affected Version
CVE-2018-10586	Low	November 1, 2018 11/1/18	< 10.1.12
CVE-2018-10587	High	November 1, 2018 11/1/18	< 10.0.57
CVE-2017-16604	Low	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16605	Low	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16606	Medium	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16607	Medium	January 23, 2018 1/23/18	< 7.2.766
CVE-2017-16608	High	January 23, 2018 1/23/18	< 7.2.766
CVE-2017-16609	Medium	January 23, 2018 1/23/18	< 7.2.766
CVE-2017-16610	High	January 23, 2018 1/23/18	< 7.2.766
CVE-2017-17406	High	January 23, 2018 1/23/18	< 7.2.766
CVE-2017-17407	High	January 23, 2018 1/23/18	== 7.2.699
CVE-2017-16590	Medium	January 23, 2018 1/23/18	== 7.2.699
CVE-2017-16591	Low	January 23, 2018 1/23/18	== 7.2.699
CVE-2017-16592	Low	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16593	Low	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16594	Low	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16595	Low	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16596	Low	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16597	High	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16598	Medium	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16599	Low	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16600	Low	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16601	Low	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16602	Medium	January 23, 2018 1/23/18	== 7.2.730
CVE-2017-16603	Medium	January 23, 2018 1/23/18	== 7.2.730

wems / enterprise_manager

1 vulnerabilities found

Title	Severity	Exploit	Date	Affected Version
CVE-2020-21993	Medium		April 28, 2021 4/28/21	== 2.58.8903 == 2.55.8806 == 2.55.8782 == 2.19.7959

microstrategy / enterprise_manager

1 vulnerabilities found

Title	Severity	Exploit	Date	Affected Version
CVE-2022-29596	Critical		May 11, 2022 5/11/22	== 2022

Showing vulnerabilities for 6 products matching "enterprise_manager". Each product has independent pagination.

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo

Frequently Asked Questions

What is a Vulnerability (CVE) and why does it matter?

A security vulnerability is a weakness in software, hardware, or configuration that can be exploited to compromise confidentiality, integrity, or availability. Many vulnerabilities are tracked as CVEs (Common Vulnerabilities and Exposures), which provide a standardized identifier so teams can coordinate patching, mitigation, and risk assessment across tools and vendors.

CVSS (Common Vulnerability Scoring System) estimates technical severity, but it doesn't automatically equal business risk. Prioritize using context like internet exposure, affected asset criticality, known exploitation (proof-of-concept or in-the-wild), and whether compensating controls exist. A "Medium" CVSS on an exposed, production system can be more urgent than a "Critical" on an isolated, non-production host.

A vulnerability is the underlying weakness. An exploit is the method or code used to take advantage of it. A zero-day is a vulnerability that is unknown to the vendor or has no publicly available fix when attackers begin using it. In practice, risk increases sharply when exploitation becomes reliable or widespread.

Recurring findings usually come from incomplete Asset Discovery, inconsistent patch management, inherited images, and configuration drift. In modern environments, you also need to watch the software supply chain: dependencies, containers, build pipelines, and third-party services can reintroduce the same weakness even after you patch a single host. Unknown or unmanaged assets (often called Shadow IT) are a common reason the same issues resurface.

Use a simple, repeatable triage model: focus first on externally exposed assets, high-value systems (identity, VPN, email, production), vulnerabilities with known exploits, and issues that enable remote code execution or privilege escalation. Then enforce patch SLAs and track progress using consistent metrics so remediation is steady, not reactive.

SynScan combines attack surface monitoring and continuous security auditing to keep your inventory current, flag high-impact vulnerabilities early, and help you turn raw findings into a practical remediation plan.