Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2021-35220
Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page.
Solarwinds Orion Platform
578
VMScore
CVE-2018-13442
SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames parameter.
Solarwinds Network Performance Monitor
578
VMScore
CVE-2017-7647
SolarWinds Log & Event Manager (LEM) prior to 6.3.1 Hotfix 4 allows an authenticated user to execute arbitrary commands.
Solarwinds Log \\& Event Manager
578
VMScore
CVE-2017-5199
The editbanner feature in SolarWinds LEM (aka SIEM) up to and including 6.3.1 allows remote authenticated users to execute arbitrary code by editing /usr/local/contego/scripts/mgrconfig.pl.
Solarwinds Log And Event Manager
570
VMScore
CVE-2018-16792
SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an malicious user to exfiltrate data.
Solarwinds Sftp\\/scp Server
534
VMScore
CVE-2020-13912
SolarWinds Advanced Monitoring Agent prior to 10.8.9 allows local users to gain privileges via a Trojan horse .exe file, because everyone can write to a certain .exe file.
Solarwinds Advanced Monitoring Agent
534
VMScore
CVE-2019-20002
Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value (provided by a low-privileged user in the Subject field of a help request form) that is mishandled in a TicketActions/view?tab=group TSV export by an admin user.
Solarwinds Webhelpdesk 12.7.1
516
VMScore
CVE-2019-3957
Dameware Remote Mini Control version 12.1.0.34 and prior contains an unauthenticated remote buffer over-read due to the server not properly validating RsaSignatureLen during key negotiation, which could crash the application or leak sensitive information.
Solarwinds Dameware Mini Remote Control
505
VMScore
CVE-2019-9017
DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name.
Solarwinds Dameware Mini Remote Control 10.0
1 EDB exploit
505
VMScore
CVE-2010-2310
SolarWinds TFTP Server 10.4.0.13 allows remote malicious users to cause a denial of service (crash) via a long write request.
Solarwinds Tftp Server 10.4.0.13
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »