Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds vulnerabilities and exploits
(subscribe to this query)
505
VMScore
CVE-2009-3115
SolarWinds TFTP Server 9.2.0.111 and previous versions allows remote malicious users to cause a denial of service (service stop) via a crafted Option Acknowledgement (OACK) request. NOTE: some of these details are obtained from third party information.
Solarwinds Tftp Server 8.2
Solarwinds Tftp Server
Solarwinds Tftp Server 8.1
Solarwinds Tftp Server 5.0.55
Solarwinds Tftp Server 5.0.60
1 EDB exploit
356
VMScore
CVE-2009-4815
Directory traversal vulnerability in Serv-U prior to 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors.
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 7.0.0.3
Solarwinds Serv-u File Server 7.0.0.4
Solarwinds Serv-u File Server 9.1.0.2
Solarwinds Serv-u File Server 9.1.0.0
Solarwinds Serv-u File Server 8.1.0.3
Solarwinds Serv-u File Server 8.1.0.1
Solarwinds Serv-u File Server 7.3.0.2
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 6.4.0.0
Solarwinds Serv-u File Server 6.3.0.1
Solarwinds Serv-u File Server 6.1.0.0
Solarwinds Serv-u File Server 6.0.0.2
Solarwinds Serv-u File Server 5.0.0.4
Solarwinds Serv-u File Server 5.0.0.0
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 7.0.0.1
Solarwinds Serv-u File Server 7.2.0.1
Solarwinds Serv-u File Server 7.1.0.2
Solarwinds Serv-u File Server 7.2.0.0
Solarwinds Serv-u File Server 9.0.0.1
905
VMScore
CVE-2011-4800
Directory traversal vulnerability in Serv-U FTP Server prior to 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get comma...
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 9.1.0.0
Solarwinds Serv-u File Server 7.2.0.0
Solarwinds Serv-u File Server 9.1.0.2
Solarwinds Serv-u File Server 6.3.0.1
Solarwinds Serv-u File Server 6.2.0.1
Solarwinds Serv-u File Server 6.4.0.3
Solarwinds Serv-u File Server 6.0.0.1
Solarwinds Serv-u File Server 5.2.0.1
Solarwinds Serv-u File Server 8.0.0.2
Solarwinds Serv-u File Server 8.2.0.0
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 6.4.0.5
Solarwinds Serv-u File Server 8.0.0.1
Solarwinds Serv-u File Server 5.1.0.0
Solarwinds Serv-u File Server 4.1.0.0
Solarwinds Serv-u File Server 4.0.0.4
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 10.5.0.6
Solarwinds Serv-u File Server 10.4.0.0
Solarwinds Serv-u File Server 10.1.0.0
Solarwinds Serv-u File Server 10.0.0.5
1 EDB exploit
801
VMScore
CVE-2021-35212
An SQL injection Privilege Escalation Vulnerability exists in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user.
Solarwinds Orion Platform 2019.2
Solarwinds Orion Platform 2019.4
Solarwinds Orion Platform 2020.2.1
Solarwinds Orion Platform 2020.2.4
Solarwinds Orion Platform 2020.2.5
445
VMScore
CVE-2005-3467
Serv-U FTP Server prior to 6.1.0.4 allows malicious users to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of th...
Solarwinds Serv-u File Server 6.0.0.0
Solarwinds Serv-u File Server 5.0.0.11
Solarwinds Serv-u File Server 6.1.0.0
Solarwinds Serv-u File Server
Solarwinds Serv-u File Server 5.0.0.4
Solarwinds Serv-u File Server 4.1.0.0
Solarwinds Serv-u File Server 4.1.0.3
Solarwinds Serv-u File Server 5.2.0.1
Solarwinds Serv-u File Server 5.0.0.9
Solarwinds Serv-u File Server 4.0.0.4
Solarwinds Serv-u File Server 3.1.0.0
Solarwinds Serv-u File Server 6.0.0.1
Solarwinds Serv-u File Server 6.0.0.2
Solarwinds Serv-u File Server 5.2.0.0
Solarwinds Serv-u File Server 5.0.0.0
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 5.1.0.0
Solarwinds Serv-u File Server 3.1.0.1
Solarwinds Serv-u File Server 3.1.0.3
NA
CVE-2022-36957
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with Orion admin-level account access to SolarWinds Web Console to execute arbitrary commands.
Solarwinds Orion Platform 2020.2.6
Solarwinds Orion Platform
Solarwinds Orion Platform 2022.2
Solarwinds Orion Platform 2022.3
NA
CVE-2022-36958
SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to execute arbitrary commands.
Solarwinds Orion Platform 2020.2.6
Solarwinds Orion Platform
Solarwinds Orion Platform 2022.2
Solarwinds Orion Platform 2022.3
NA
CVE-2022-36960
SolarWinds Platform was susceptible to Improper Input Validation. This vulnerability allows a remote adversary with valid access to SolarWinds Web Console to escalate user privileges.
Solarwinds Orion Platform 2020.2.6
Solarwinds Orion Platform
Solarwinds Orion Platform 2022.2
Solarwinds Orion Platform 2022.3
NA
CVE-2022-36962
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.
Solarwinds Orion Platform 2020.2.6
Solarwinds Orion Platform
Solarwinds Orion Platform 2022.2
Solarwinds Orion Platform 2022.3
NA
CVE-2022-36966
Users with Node Management rights were able to view and edit all nodes due to Insufficient control on URL parameter causing insecure direct object reference (IDOR) vulnerability in SolarWinds Platform 2022.3 and previous.
Solarwinds Orion Platform 2020.2.6
Solarwinds Orion Platform
Solarwinds Orion Platform 2022.2
Solarwinds Orion Platform 2022.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »