Vulnerabilities > Solarwinds

DATE	CVE	VULNERABILITY TITLE	RISK
2020-12-18	CVE-2019-16957	Cross-site Scripting vulnerability in Solarwinds Webhelpdesk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name field of a User Account. network low complexity solarwinds CWE-79	5.4
2020-12-18	CVE-2019-16955	Cross-site Scripting vulnerability in Solarwinds Webhelpdesk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request. network low complexity solarwinds CWE-79	5.4
2020-12-16	CVE-2020-25622	Cross-Site Request Forgery (CSRF) vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. network low complexity solarwinds CWE-352	8.8
2020-12-16	CVE-2020-25621	Missing Authentication for Critical Function vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. local low complexity solarwinds CWE-306	8.4
2020-12-16	CVE-2020-25620	Use of Hard-coded Credentials vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. local low complexity solarwinds CWE-798	7.8
2020-12-16	CVE-2020-25619	Unspecified vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. local low complexity solarwinds	4.4
2020-12-16	CVE-2020-25618	OS Command Injection vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. network low complexity solarwinds CWE-78	8.8
2020-12-16	CVE-2020-25617	Path Traversal vulnerability in Solarwinds N-Central 12.3.0.670 An issue was discovered in SolarWinds N-Central 12.3.0.670. network low complexity solarwinds CWE-22	8.8
2020-12-15	CVE-2018-16243	Cross-site Scripting vulnerability in Solarwinds Database Performance Analyzer 11.1.468/12.0.3074 SolarWinds Database Performance Analyzer (DPA) 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, alertManagement.iwc, eventAnnotations.iwc, and central.cen. network low complexity solarwinds CWE-79	5.4
2020-12-01	CVE-2019-16958	Cross-site Scripting vulnerability in Solarwinds Help Desk 12.7.0 Cross-site Scripting (XSS) vulnerability in SolarWinds Web Help Desk 12.7.0 allows attacker to inject arbitrary web script or HTML via Location Name. network low complexity solarwinds CWE-79	5.4

Vulnerabilities > Solarwinds {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Solarwinds"}]}

Vulnerabilities > Solarwinds