Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds vulnerabilities and exploits
(subscribe to this query)
666
VMScore
CVE-2019-12181
A privilege escalation vulnerability exists in SolarWinds Serv-U prior to 15.1.7 for Linux.
Solarwinds Serv-u Mft Server
Solarwinds Serv-u Ftp Server
3 EDB exploits
2 Github repositories
641
VMScore
CVE-2021-35230
As a result of an unquoted service path vulnerability present in the Kiwi CatTools Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry.
Solarwinds Kiwi Cattools
641
VMScore
CVE-2021-27277
This vulnerability allows local malicious users to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulne...
Solarwinds Orion Platform 2020.2
641
VMScore
CVE-2021-27240
This vulnerability allows local malicious users to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specifi...
Solarwinds Patch Manager 2020.2.1
641
VMScore
CVE-2018-19999
The local management interface in SolarWinds Serv-U FTP Server 15.1.6.25 has incorrect access controls that permit local users to bypass authentication in the application and execute code in the context of the Windows SYSTEM account, leading to privilege escalation. To exploit th...
Solarwinds Serv-u Ftp Server 15.1.6.25
641
VMScore
CVE-2017-5198
SolarWinds LEM (aka SIEM) prior to 6.3.1 has an incorrect sudo configuration, which allows local users to obtain root access by editing /usr/local/contego/scripts/hostname.sh.
Solarwinds Log And Event Manager
605
VMScore
CVE-2021-35242
Serv-U server responds with valid CSRFToken when the request contains only Session.
Solarwinds Serv-u
605
VMScore
CVE-2021-35245
When a user has admin rights in Serv-U Console, the user can move, create and delete any files are able to be accessed on the Serv-U host machine.
Solarwinds Serv-u
Solarwinds Serv-u 15.2.4
Solarwinds Serv-u 15.2.5
605
VMScore
CVE-2020-25622
An issue exists in SolarWinds N-Central 12.3.0.670. The AdvancedScripts HTTP endpoint allows CSRF.
Solarwinds N-central 12.3.0.670
605
VMScore
CVE-2020-15909
SolarWinds N-central up to and including 2020.1 allows session hijacking and requires user interaction or physical access. The N-Central JSESSIONID cookie attribute is not checked against multiple sources such as sourceip, MFA claim, etc. as long as the victim stays logged in wit...
Solarwinds N-central
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27802
template injection
CVE-2024-0044
code injection
CVE-2024-35474
CVE-2024-27857
CVE-2024-23251
CVE-2024-23692
physical
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »