Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-47509
The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This vulnerability allows a remote adversary with a valid SolarWinds Platform account to append URL parameters to inject HTML.
Solarwinds Orion Platform
NA
CVE-2022-47512
Sensitive information was stored in plain text in a file that is accessible by a user with a local account in Hybrid Cloud Observability (HCO)/ SolarWinds Platform 2022.4. No other versions are affected
Solarwinds Solarwinds Platform 2022.4.0
NA
CVE-2022-38107
Sensitive information could be displayed when a detailed technical error message is posted. This information could disclose environmental details.
Solarwinds Sql Sentry
NA
CVE-2023-23840
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.
Solarwinds Orion Platform
NA
CVE-2023-23841
SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.? Part of the URL of the request discloses sensitive data.
Solarwinds Serv-u
NA
CVE-2023-23845
The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.
Solarwinds Orion Platform
312
VMScore
CVE-2019-16957
SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name field of a User Account.
Solarwinds Webhelpdesk 12.7.0
356
VMScore
CVE-2019-16959
SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket.
Solarwinds Webhelpdesk 12.7.0
312
VMScore
CVE-2020-35856
SolarWinds Orion Platform prior to 2020.2.5 allows stored XSS attacks by an administrator on the Customize View page.
Solarwinds Orion Platform
605
VMScore
CVE-2021-35242
Serv-U server responds with valid CSRFToken when the request contains only Session.
Solarwinds Serv-u
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »