Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
solarwinds vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2015-7838
ProcessFileUpload.jsp in SolarWinds Storage Manager prior to 6.2 allows remote malicious users to upload and execute arbitrary files via unspecified vectors.
Solarwinds Storage Manager
10
CVSSv2
CVE-2015-5371
The AuthenticationFilter class in SolarWinds Storage Manager allows remote malicious users to upload and execute arbitrary scripts via unspecified vectors.
Solarwinds Storage Manager -
10
CVSSv2
CVE-2015-2284
userlogin.jsp in SolarWinds Firewall Security Manager (FSM) prior to 6.6.5 HotFix1 allows remote malicious users to gain privileges and execute arbitrary code via unspecified vectors, related to client session handling.
Solarwinds Firewall Security Manager
1 EDB exploit
10
CVSSv2
CVE-2009-4006
Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions prior to 9.1.0.0 allows remote malicious users to execute arbitrary code via a long hexadecimal string.
Solarwinds Serv-u File Server 7.1.0.0
Solarwinds Serv-u File Server 7.4.0.1
Solarwinds Serv-u File Server 8.2.0.3
Solarwinds Serv-u File Server 8.0.0.5
Solarwinds Serv-u File Server 8.0.0.1
Solarwinds Serv-u File Server 9.0.0.1
Solarwinds Serv-u File Server 7.0.0.3
Solarwinds Serv-u File Server 7.0.0.1
Solarwinds Serv-u File Server 7.3.0.1
Solarwinds Serv-u File Server 7.3.0.0
Solarwinds Serv-u File Server 8.2.0.0
Solarwinds Serv-u File Server 8.2.0.1
Solarwinds Serv-u File Server 9.1.0.0
Solarwinds Serv-u File Server 7.1.0.1
Solarwinds Serv-u File Server 7.1.0.2
Solarwinds Serv-u File Server 7.3.0.2
Solarwinds Serv-u File Server 7.4.0.0
Solarwinds Serv-u File Server 8.1.0.1
Solarwinds Serv-u File Server 8.1.0.3
Solarwinds Serv-u File Server 7.0.0.4
Solarwinds Serv-u File Server 7.0.0.2
Solarwinds Serv-u File Server 7.2.0.0
1 EDB exploit
10
CVSSv2
CVE-2004-2532
Serv-U FTP server prior to 5.1.0.0 has a default account and password for local administration, which allows local users to execute arbitrary commands by connecting to the server using the default administrator account, creating a new user, logging in as that new user, and then u...
Solarwinds Serv-u File Server 4.0.0.4
Solarwinds Serv-u File Server 3.1.0.0
Solarwinds Serv-u File Server 3.1.0.1
Solarwinds Serv-u File Server 5.0.0.0
Solarwinds Serv-u File Server
Solarwinds Serv-u File Server 3.1.0.3
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 4.1.0.0
Solarwinds Serv-u File Server 4.1.0.3
Solarwinds Serv-u File Server 5.0.0.4
Solarwinds Serv-u File Server 5.0.0.9
Solarwinds Serv-u File Server 3.0.0.17
1 EDB exploit
10
CVSSv2
CVE-2004-0330
Buffer overflow in Serv-U ftp prior to 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command.
Solarwinds Serv-u File Server
Solarwinds Serv-u File Server 4.1.0.0
Solarwinds Serv-u File Server 3.0.0.17
Solarwinds Serv-u File Server 4.1.0.3
Solarwinds Serv-u File Server 4.0.0.4
Solarwinds Serv-u File Server 3.1.0.3
Solarwinds Serv-u File Server 3.0.0.16
Solarwinds Serv-u File Server 3.1.0.0
Solarwinds Serv-u File Server 3.1.0.1
6 EDB exploits
9.4
CVSSv2
CVE-2021-31217
In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.
Solarwinds Dameware Mini Remote Control 12.0.1.200
9.3
CVSSv2
CVE-2020-12608
An issue exists in SolarWinds MSP PME (Patch Management Engine) Cache Service prior to 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead to code execution by changing th...
Solarwinds Managed Service Provider Patch Management Engine
9.3
CVSSv2
CVE-2013-3249
Stack-based buffer overflow in the "Add from text file" feature in the DameWare Exporter tool (DWExporter.exe) in DameWare Remote Support 10.0.0.372, 9.0.1.247, and previous versions allows user-assisted malicious users to execute arbitrary code via unspecified vectors.
Solarwinds Dameware Remote Support
9
CVSSv2
CVE-2021-35216
Insecure Deserialization of untrusted data remote code execution vulnerability exists in Patch Manager Orion Platform Integration module. An Authenticated Attacker with network access via HTTP can compromise this vulnerability can result in Remote Code Execution.
Solarwinds Patch Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »