Latest Vulnerabilities Affecting Solarwinds products

Date CVE Title CVSS
2019-03-21 CVE-2018-15906 Permissions, Privileges, and Access Control vulnerability in Solarwinds Serv U FTP Server 15.1.6 High
2019-03-21 CVE-2018-19934 Cross-Site Scripting (XSS) vulnerability in Solarwinds Serv U FTP Server 15.1.6.25 Low
2019-03-01 CVE-2019-9546 Permissions, Privileges, and Access Control vulnerability in Solarwinds Orion Platform High
2019-02-18 CVE-2019-8917 Permissions, Privileges, and Access Control vulnerability in Solarwinds Orion Network Performance Monitor High
2018-12-05 CVE-2018-16791 Credentials Management vulnerability in Solarwinds Sftp/Scp Server 20180910 Medium
2018-12-05 CVE-2018-16792 Improper Restriction of XML External Entity Reference ('XXE') vulnerability in Solarwinds Sftp/Scp Server 20180910 Medium
2018-09-07 CVE-2018-12897 Buffer Errors vulnerability in Solarwinds Dameware Mini Remote Control 12.1 Medium
2018-05-16 CVE-2018-10241 NULL Pointer Dereference vulnerability in Solarwinds Serv U 15.1.6 Medium
2018-05-16 CVE-2018-10240 Insufficient Entropy vulnerability in Solarwinds Serv U 15.1.6 Medium
2017-12-20 CVE-2012-2576 SQL Injection vulnerability in Solarwinds products High
2017-10-03 CVE-2017-9537 Cross-Site Scripting (XSS) vulnerability in Solarwinds Network Performance Monitor 12.0.15300.90 Low
2017-10-03 CVE-2017-9538 Input Validation vulnerability in Solarwinds Network Performance Monitor 12.0.15300.90 Medium
2017-04-12 CVE-2017-7722 Command Injection vulnerability in Solarwinds LOG & Event Manager 6.3.1 High
2017-04-10 CVE-2017-7646 Information Leak / Disclosure vulnerability in Solarwinds LOG & Event Manager 6.3.1 Medium
2017-04-10 CVE-2017-7647 Command Injection vulnerability in Solarwinds LOG & Event Manager 6.3.1 Medium