solarwinds

324 tracked vulnerabilities.

CVE-2022-47012 HIGH
GNS3 dynamips <0.2.21 - Buffer Overflow
Jan 20, 2023
CVSS 7.5
EPSS 0.01
CVE-2022-38112 HIGH
SolarWinds Database Performance Analyzer < 2022.4 - Cleartext Storage of Sensitive Information in Heap Memory Dumps
Jan 20, 2023
CVSS 7.5
EPSS 0.00
CVE-2022-38110 MEDIUM
Database Performance Analyzer <2022.4 - CSRF
Jan 20, 2023
CVSS 5.4
EPSS 0.00
CVE-2022-47512 MEDIUM
SolarWinds Platform 2022.4 - Cleartext Storage of Sensitive Information
Dec 19, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-38106 MEDIUM
SolarWinds Serv-U 15.3.0-15.3.1 - Cross-Site Scripting in Directory Creation Function
Dec 16, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-36964 HIGH
SolarWinds Orion Platform - Authenticated Remote Code Execution via Untrusted Data Deserialization
Nov 29, 2022
CVSS 8.8
EPSS 0.17
CVE-2022-36962 HIGH
SolarWinds Orion Platform - OS Command Injection
Nov 29, 2022
CVSS 7.2
EPSS 0.09
CVE-2022-36960 HIGH
SolarWinds Orion Platform - Authenticated Privilege Escalation via Improper Input Validation
Nov 29, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-38115 MEDIUM
SolarWinds Security Event Manager < 2022.2 - Insecure HTTP Method Exposure
Nov 23, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-38114 MEDIUM
SolarWinds Security Event Manager - HTTP Request Smuggling and XSS
Nov 23, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-38113 MEDIUM
SolarWinds Security Event Manager - Information Exposure via Server Response Header
Nov 23, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-38108 HIGH
SolarWinds Platform - Code Injection
Oct 20, 2022
CVSS 7.2
EPSS 0.70
CVE-2022-36966 MEDIUM
SolarWinds Orion Platform < 2022.4 - Insecure Direct Object Reference via Node Management URL Parameter
Oct 20, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-36958 HIGH
SolarWinds Orion Platform - Authenticated Remote Code Execution via Untrusted Data Deserialization
Oct 20, 2022
CVSS 8.8
EPSS 0.83
CVE-2022-36957 HIGH
SolarWinds Orion Platform - Authenticated Remote Code Execution via Untrusted Data Deserialization
Oct 20, 2022
CVSS 7.2
EPSS 0.12
CVE-2022-38107 MEDIUM
SolarWinds SQL Sentry < 2021.18.10 - Sensitive Information Disclosure via Error Message
Oct 19, 2022
CVSS 5.3
EPSS 0.01
CVE-2022-36965 MEDIUM
SolarWinds Platform < 2022.3.0 - Stored and DOM-Based Cross-Site Scripting in QoE Application Input Field
Sep 30, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-36961 HIGH
SolarWinds Orion Platform < 2022.2.0 - Authenticated SQL Injection
Sep 30, 2022
CVSS 8.8
EPSS 0.75
CVE-2021-35252 HIGH
Serv-U FTP Server - Info Disclosure
Dec 16, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-35246 MEDIUM
SolarWinds Engineer's Toolset - Cleartext Transmission
Nov 23, 2022
CVSS 5.3
EPSS 0.00
CVE-2021-35226 MEDIUM
Network Configuration Manager - Info Disclosure
Oct 10, 2022
CVSS 6.5
EPSS 0.00
CVE-2021-35249 MEDIUM
SolarWinds Serv-U < 15.3.1 - Unauthorized Domain Data Access via Broken Access Control
May 17, 2022
CVSS 4.3
EPSS 0.01
CVE-2021-35250 HIGH NUCLEI
SolarWinds Serv-U 15.3 - Path Traversal
Apr 25, 2022
CVSS 7.5
EPSS 0.15
CVE-2021-35229 MEDIUM
Database Performance Monitor <2022.1.7779 - XSS
Apr 21, 2022
CVSS 6.8
EPSS 0.03
CVE-2021-35254 HIGH
SolarWinds WebHelpDesk - Improper Input Validation
Mar 25, 2022
CVSS 8.2
EPSS 0.01