Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2019-9546
SolarWinds Orion Platform prior to 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.
Solarwinds Orion Platform 2018.4
Solarwinds Orion Platform
7.5
CVSSv2
CVE-2015-8220
Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control prior to 12.0 HotFix 1 allows remote malicious users to execute arbitrary code via a crafted commandline argument in a link.
Solarwinds Dameware Mini Remote Control
7.5
CVSSv2
CVE-2015-7840
The command line management console (CMC) in SolarWinds Log and Event Manager (LEM) prior to 6.2.0 allows remote malicious users to execute arbitrary code via unspecified vectors involving the ping feature.
Solarwinds Log And Event Manager
7.5
CVSSv2
CVE-2015-7839
SolarWinds Log and Event Manager (LEM) allows remote malicious users to execute arbitrary commands on managed computers via a request to services/messagebroker/nonsecurestreamingamf involving the traceroute functionality.
Solarwinds Log And Event Manager
7.5
CVSSv2
CVE-2014-9566
Multiple SQL injection vulnerabilities in the Manage Accounts page in the AccountManagement.asmx service in the Solarwinds Orion Platform 2015.1, as used in Network Performance Monitor (NPM) prior to 11.5, NetFlow Traffic Analyzer (NTA) prior to 4.1, Network Configuration Manager...
Solarwinds Orion Voip \\& Network Quality Manager
Solarwinds Orion Server And Application Manager
Solarwinds Orion Network Configuration Manager
Solarwinds Orion User Device Tracker
Solarwinds Orion Network Performance Monitor
Solarwinds Orion Web Performance Monitor
Solarwinds Orion Netflow Traffic Analyzer
Solarwinds Orion Ip Address Manager
1 EDB exploit
7.5
CVSSv2
CVE-2014-5504
SolarWinds Log and Event Manager prior to 6.0 uses "static" credentials, which makes it easier for remote malicious users to obtain access to the database and execute arbitrary code via unspecified vectors, related to HyperSQL.
Solarwinds Log And Event Manager
Solarwinds Log And Event Manager 5.6.0
Solarwinds Log And Event Manager 5.5.0
Solarwinds Log And Event Manager 5.2.0
Solarwinds Log And Event Manager 5.4.0
7.5
CVSSv2
CVE-2001-1463
The remote administration client for RhinoSoft Serv-U 3.0 sends the user password in plaintext even when S/KEY One-Time Password (OTP) authentication is enabled, which allows remote malicious users to sniff passwords.
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 3.0.0.17
7.2
CVSSv2
CVE-2021-35230
As a result of an unquoted service path vulnerability present in the Kiwi CatTools Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry.
Solarwinds Kiwi Cattools
7.2
CVSSv2
CVE-2021-27277
This vulnerability allows local malicious users to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulne...
Solarwinds Orion Platform 2020.2
7.2
CVSSv2
CVE-2021-27240
This vulnerability allows local malicious users to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specifi...
Solarwinds Patch Manager 2020.2.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »