Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2014-3459
Heap-based buffer overflow in SolarWinds Network Configuration Manager (NCM) prior to 7.3 allows remote malicious users to execute arbitrary code via the PEstrarg1 property.
Solarwinds Network Configuration Manager 7.2.0
Solarwinds Network Configuration Manager
Solarwinds Network Configuration Manager 7.2.1
891
VMScore
CVE-2021-35211
Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File ...
Solarwinds Serv-u
Solarwinds Serv-u 15.2.3
2 Github repositories
3 Articles
578
VMScore
CVE-2021-35234
Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information.
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
668
VMScore
CVE-2019-9546
SolarWinds Orion Platform prior to 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service.
Solarwinds Orion Platform 2018.4
Solarwinds Orion Platform
312
VMScore
CVE-2021-35238
User with Orion Platform Admin Rights could store XSS through URL POST parameter in CreateExternalWebsite website.
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
321
VMScore
CVE-2021-25276
In SolarWinds Serv-U prior to 15.2.2 Hotfix 1, there is a directory containing user profile files (that include users' password hashes) that is world readable and writable. An unprivileged Windows user (having access to the server's filesystem) can add an FTP user by co...
Solarwinds Serv-u
Solarwinds Serv-u 15.2.2
312
VMScore
CVE-2021-35239
A security researcher found a user with Orion map manage rights could store XSS through via text box hyperlink.
Solarwinds Orion Platform
Solarwinds Orion Platform 2020.2.6
383
VMScore
CVE-2021-35229
Cross-site scripting vulnerability is present in Database Performance Monitor 2022.1.7779 and previous versions when using a complex SQL query
Solarwinds Database Performance Analyzer
Solarwinds Database Performance Monitor
NA
CVE-2022-38106
This vulnerability happens in the web client versions 15.3.0 to Serv-U 15.3.1. This vulnerability affects the directory creation function.
Solarwinds Serv-u 15.3.1
Solarwinds Serv-u 15.3.0
490
VMScore
CVE-2021-35225
Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP's customers. This can lead to any user having a limited insight into other customer's infrastructure and potential data cros...
Solarwinds Network Performance Monitor
Solarwinds Network Performance Monitor 2020.2.6
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »