solarwinds

324 tracked vulnerabilities.

CVE-2020-14007 MEDIUM
SolarWinds Orion NPM & WPM Stored XSS via Alert Definition Name
Jun 24, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-14006 MEDIUM
SolarWinds Orion Network Performance Monitor - Stored Cross-Site Scripting via Responsible Team Field
Jun 24, 2020
CVSS 5.4
EPSS 0.01
CVE-2020-14005 HIGH
SolarWinds Orion Network Performance Monitor - Remote Code Execution via Event Definition
Jun 24, 2020
CVSS 8.8
EPSS 0.14
CVE-2020-13912 HIGH
SolarWinds Advanced Monitoring Agent < 10.8.9 - Privilege Escalation via Trojan Horse .exe File
Jun 07, 2020
CVSS 7.3
EPSS 0.01
CVE-2020-12608 HIGH
SolarWinds MSP PME <1.1.15 - Code Execution
May 07, 2020
CVSS 7.8
EPSS 0.22
CVE-2020-5734 HIGH
SolarWinds Dameware - Buffer Overflow
Apr 07, 2020
CVSS 7.5
EPSS 0.25
CVE-2020-7984 HIGH
SolarWinds N-central <12.1 SP1 HF5-12.2 SP1 HF2 - Info Disclosure
Jan 26, 2020
CVSS 7.5
EPSS 0.02
CVE-2019-16961 MEDIUM
SolarWinds Web Help Desk 12.7.0 - Stored Cross-Site Scripting via Schedule Name
Jan 15, 2021
CVSS 5.4
EPSS 0.01
CVE-2019-16954 MEDIUM
SolarWinds Web Help Desk 12.7.0 - Cross-Site Scripting via Help Request Ticket Comment
Jan 06, 2021
CVSS 5.4
EPSS 0.01
CVE-2019-16960 MEDIUM
SolarWinds Web Help Desk 12.7.0 - Stored Cross-Site Scripting via CSV Template Location Name Field
Jan 04, 2021
CVSS 5.4
EPSS 0.01
CVE-2019-16956 MEDIUM
SolarWinds Web Help Desk 12.7.0 - Cross-Site Scripting via Request Type Parameter
Jan 04, 2021
CVSS 5.4
EPSS 0.02
CVE-2019-16959 MEDIUM
SolarWinds Web Help Desk 12.7.0 - Code Injection
Dec 21, 2020
CVSS 6.5
EPSS 0.02
CVE-2019-16957 MEDIUM
SolarWinds Web Help Desk 12.7.0 - Stored Cross-Site Scripting via User Account First Name Field
Dec 18, 2020
CVSS 5.4
EPSS 0.01
CVE-2019-16955 MEDIUM
SolarWinds Web Help Desk 12.7.0 - Stored Cross-Site Scripting via SVG File Upload
Dec 18, 2020
CVSS 5.4
EPSS 0.02
CVE-2019-16958 MEDIUM
SolarWinds Web Help Desk 12.7.0 - Stored Cross-Site Scripting via Location Name
Dec 01, 2020
CVSS 5.4
EPSS 0.01
CVE-2019-12864 MEDIUM
SolarWinds Orion Platform 2018.4 HF3 - Information Leakage via Error Stack Trace
May 04, 2020
CVSS 5.5
EPSS 0.00
CVE-2019-20002 HIGH
SolarWinds WebHelpDesk 12.7.1 - Code Injection
Apr 27, 2020
CVSS 7.8
EPSS 0.01
CVE-2019-12769 HIGH
SolarWinds Serv-U Managed File Transfer < 15.1.6 Hotfix 2 - Cross-Site Request Forgery via File Upload
Mar 18, 2020
CVSS 8.8
EPSS 0.01
CVE-2019-12863 MEDIUM
SolarWinds Orion Platform 2018.4 HF3 - Stored Cross-Site Scripting via Web Console Settings Screen
Feb 25, 2020
CVSS 4.8
EPSS 0.01
CVE-2019-12954 MEDIUM
SolarWinds Orion Platform 2018 NPM 12.3 NetPath 1.1.3 - Authenticated Stored XSS via VIDEO onerror
Feb 17, 2020
CVSS 5.4
EPSS 0.01
CVE-2019-17127 MEDIUM
SolarWinds Orion Platform 2019.2 HF1 - Stored Cross-Site Scripting via Angular Template Injection
Jan 17, 2020
CVSS 6.1
EPSS 0.02
CVE-2019-17125 MEDIUM
SolarWinds Orion Platform 2019.2 HF1 - Stored Cross-Site Scripting via Angular Template Injection
Jan 17, 2020
CVSS 6.1
EPSS 0.02
CVE-2019-19829 MEDIUM
SolarWinds Serv-U FTP Server 15.1.7 - Cross-Site Scripting via Email Parameter
Dec 18, 2019
CVSS 5.4
EPSS 0.02
CVE-2019-13182 MEDIUM
SolarWinds Serv-U FTP Server 15.1.7 - Stored Cross-Site Scripting
Dec 16, 2019
CVSS 5.4
EPSS 0.06
CVE-2019-13181 MEDIUM
SolarWinds Serv-U FTP Server <15.1.7 - SQL Injection
Dec 16, 2019
CVSS 6.5
EPSS 0.03