Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
network performance monitor vulnerabilities and exploits
(subscribe to this query)
4
CVSSv2
CVE-2017-9538
The 'Upload logo from external path' function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote malicious users to cause a denial of service (permanent display of a "Cannot exit above the top directory" error message throughout the ...
Solarwinds Network Performance Monitor
6.5
CVSSv2
CVE-2018-13442
SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames parameter.
Solarwinds Network Performance Monitor
10
CVSSv2
CVE-2019-8917
SolarWinds Orion NPM prior to 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeAct...
Solarwinds Orion Network Performance Monitor
3.5
CVSSv2
CVE-2017-9537
Persistent cross-site scripting (XSS) in the Add Node function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote malicious users to introduce arbitrary JavaScript into various vulnerable parameters.
Solarwinds Network Performance Monitor 12.0.15300.90
4.3
CVSSv2
CVE-2010-4828
Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) 10.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) Title parameter to MapView.aspx; NetObject parameter to (2) NodeDetails.aspx and (3) Inte...
Solarwinds Orion Network Performance Monitor 10.1
2.1
CVSSv2
CVE-2019-12864
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us&swAler...
Solarwinds Netpath 1.1.4
Solarwinds Network Performance Monitor 12.4
Solarwinds Orion Platform 2018.4
3.5
CVSSv2
CVE-2019-12863
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows Stored HTML Injection by administrators via the Web Console Settings screen.
Solarwinds Netpath 1.1.4
Solarwinds Network Performance Monitor 12.4
Solarwinds Orion Platform 2018.4
7.5
CVSSv2
CVE-2014-9566
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor (NPM) prior to 11.5, NetFlow Traffic Analyzer (NTA) prior to 4.1, Network Configuration Manager...
Solarwinds Orion Voip \\& Network Quality Manager
Solarwinds Orion Server And Application Manager
Solarwinds Orion Network Configuration Manager
Solarwinds Orion User Device Tracker
Solarwinds Orion Network Performance Monitor
Solarwinds Orion Web Performance Monitor
Solarwinds Orion Netflow Traffic Analyzer
Solarwinds Orion Ip Address Manager
1 EDB exploit
6.5
CVSSv2
CVE-2021-35234
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
6.8
CVSSv2
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact.
F5 Nginx
Openresty Openresty
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Netapp Ontap Select Deploy Administration Utility -
Oracle Communications Operations Monitor 3.4
Oracle Enterprise Session Border Controller 8.4
Oracle Communications Operations Monitor 4.2
Oracle Communications Operations Monitor 4.3
Oracle Communications Session Border Controller 8.4
Oracle Enterprise Session Border Controller 9.0
Oracle Communications Session Border Controller 9.0
Oracle Enterprise Communications Broker 3.3.0
Oracle Enterprise Telephony Fraud Monitor 4.2
Oracle Enterprise Telephony Fraud Monitor 4.3
Oracle Enterprise Telephony Fraud Monitor 4.4
Oracle Enterprise Telephony Fraud Monitor 3.4
Oracle Communications Operations Monitor 4.4
Oracle Communications Fraud Monitor
Oracle Communications Control Plane Monitor 4.2
Oracle Communications Control Plane Monitor 4.3
Oracle Communications Control Plane Monitor 4.4
27 Github repositories
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »