Vulnerabilities > Solarwinds

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-03	CVE-2020-35482	Cross-site Scripting vulnerability in Solarwinds Serv-U 15.1.6/15.2.1 SolarWinds Serv-U before 15.2.2 allows authenticated reflected XSS. network solarwinds CWE-79	3.5
2021-02-03	CVE-2020-35481	Unspecified vulnerability in Solarwinds Serv-U 15.1.6/15.2.1 SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection. network low complexity solarwinds	7.5
2021-02-03	CVE-2020-28001	Cross-site Scripting vulnerability in Solarwinds Serv-U 15.1.6/15.2.1 SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS. network solarwinds CWE-79	3.5
2021-02-03	CVE-2020-27994	Path Traversal vulnerability in Solarwinds Serv-U 15.1.6/15.2.1 SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal. network low complexity solarwinds CWE-22	4.0
2021-01-15	CVE-2019-16961	Cross-site Scripting vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via a Schedule Name. network solarwinds CWE-79	3.5
2021-01-06	CVE-2019-16954	Injection vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows HTML injection via a Comment in a Help Request ticket. network solarwinds CWE-74	4.9
2021-01-04	CVE-2019-16960	Cross-site Scripting vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via a CSV template file with a crafted Location Name field. network solarwinds CWE-79	3.5
2021-01-04	CVE-2019-16956	Cross-site Scripting vulnerability in Solarwinds web Help Desk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via the Request Type parameter of a ticket. network solarwinds CWE-79	3.5
2020-12-29	CVE-2020-10148	Improper Authentication vulnerability in Solarwinds Orion Platform 2019.4/2020.2/2020.2.1 The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. network low complexity solarwinds CWE-287 critical	9.8
2020-12-21	CVE-2019-16959	Injection vulnerability in Solarwinds Webhelpdesk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket. network low complexity solarwinds CWE-74	4.0

Vulnerabilities > Solarwinds {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Solarwinds"}]}

Vulnerabilities > Solarwinds