Vulnerabilities > Solarwinds > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-16 | CVE-2024-45710 | Uncontrolled Search Path Element vulnerability in Solarwinds Platform SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. | 7.8 |
| 2024-10-16 | CVE-2024-45711 | Path Traversal vulnerability in Solarwinds Serv-U SolarWinds Serv-U is vulnerable to a directory traversal vulnerability where remote code execution is possible depending on privileges given to the authenticated user. | 8.8 |
| 2024-09-12 | CVE-2024-28991 | Unspecified vulnerability in Solarwinds Access Rights Manager SolarWinds Access Rights Manager (ARM) was found to be susceptible to a remote code execution vulnerability. | 8.8 |
| 2024-07-17 | CVE-2024-23472 | Path Traversal vulnerability in Solarwinds Access Rights Manager SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. | 8.8 |
| 2024-06-06 | CVE-2024-28995 | Path Traversal vulnerability in Solarwinds Serv-U SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine. | 7.5 |
| 2024-06-04 | CVE-2024-28996 | SQL Injection vulnerability in Solarwinds Platform The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. | 8.1 |
| 2024-06-04 | CVE-2024-28999 | Race Condition vulnerability in Solarwinds Platform The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console. | 8.1 |
| 2024-02-15 | CVE-2024-23478 | Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. | 8.0 |
| 2024-02-06 | CVE-2023-35188 | SQL Injection vulnerability in Solarwinds Platform SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform. | 8.8 |
| 2024-02-06 | CVE-2023-50395 | SQL Injection vulnerability in Solarwinds Platform SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform. | 8.8 |