Vulnerabilities > Solarwinds
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-26 | CVE-2023-33225 | Incorrect Comparison vulnerability in Solarwinds Platform The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. | 7.2 |
| 2023-07-18 | CVE-2023-33231 | Cross-site Scripting vulnerability in Solarwinds Database Performance Analyzer XSS attack was possible in DPA 2023.2 due to insufficient input validation | 6.1 |
| 2023-06-15 | CVE-2023-23841 | Cleartext Transmission of Sensitive Information vulnerability in Solarwinds Serv-U SolarWinds Serv-U is submitting an HTTP request when changing or updating the attributes for File Share or File request.? Part of the URL of the request discloses sensitive data. | 7.5 |
| 2023-04-25 | CVE-2023-23839 | Unspecified vulnerability in Solarwinds Platform The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. | 6.5 |
| 2023-04-25 | CVE-2023-23837 | Improper Handling of Exceptional Conditions vulnerability in Solarwinds Database Performance Analyzer No exception handling vulnerability which revealed sensitive or excessive information to users. | 7.5 |
| 2023-04-25 | CVE-2023-23838 | Path Traversal vulnerability in Solarwinds Database Performance Analyzer Directory traversal and file enumeration vulnerability which allowed users to enumerate to different folders of the server. | 6.5 |
| 2023-04-21 | CVE-2022-36963 | Code Injection vulnerability in Solarwinds Orion Platform The SolarWinds Platform was susceptible to the Command Injection Vulnerability. | 7.2 |
| 2023-04-21 | CVE-2022-47505 | Improper Privilege Management vulnerability in Solarwinds Orion Platform The SolarWinds Platform was susceptible to the Local Privilege Escalation Vulnerability. | 7.8 |
| 2023-04-21 | CVE-2022-47509 | Cross-site Scripting vulnerability in Solarwinds Orion Platform The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. | 6.1 |
| 2023-02-15 | CVE-2022-38111 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform 2022.4.1 SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |