Vulnerabilities > Solarwinds
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-06 | CVE-2023-35188 | SQL Injection vulnerability in Solarwinds Platform SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. | 8.8 |
| 2024-02-06 | CVE-2023-50395 | SQL Injection vulnerability in Solarwinds Platform SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. | 8.8 |
| 2023-12-21 | CVE-2023-40058 | Unspecified vulnerability in Solarwinds Access Rights Manager Sensitive data was added to our public-facing knowledgebase that, if exploited, could be used to access components of Access Rights Manager (ARM) if the threat actor is in the same environment. low complexity solarwinds | 6.5 |
| 2023-12-06 | CVE-2023-40053 | Unspecified vulnerability in Solarwinds Serv-U 15.4.0 A vulnerability has been identified within Serv-U 15.4 that allows an authenticated actor to insert content on the file share function feature of Serv-U, which could be used maliciously. | 5.0 |
| 2023-11-28 | CVE-2023-40056 | SQL Injection vulnerability in Solarwinds Platform SQL Injection Remote Code Vulnerability was found in the SolarWinds Platform. | 8.8 |
| 2023-11-09 | CVE-2023-40054 | Path Traversal vulnerability in Solarwinds Network Configuration Manager The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. | 8.8 |
| 2023-11-09 | CVE-2023-40055 | Path Traversal vulnerability in Solarwinds Network Configuration Manager The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. | 8.8 |
| 2023-11-01 | CVE-2023-33226 | Path Traversal vulnerability in Solarwinds Network Configuration Manager The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. | 8.8 |
| 2023-11-01 | CVE-2023-33227 | Path Traversal vulnerability in Solarwinds Network Configuration Manager The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability This vulnerability allows a low level user to perform the actions with SYSTEM privileges. | 8.8 |
| 2023-11-01 | CVE-2023-33228 | Missing Encryption of Sensitive Data vulnerability in Solarwinds Network Configuration Manager The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. | 4.9 |