Vulnerabilities > Solarwinds > High

DATE CVE VULNERABILITY TITLE RISK
2024-02-15 CVE-2024-23478 Deserialization of Untrusted Data vulnerability in Solarwinds Access Rights Manager
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability.
low complexity
solarwinds CWE-502
8.0
8.0
2024-02-06 CVE-2023-35188 SQL Injection vulnerability in Solarwinds Platform
SQL Injection Remote Code Execution Vulnerability was found using a create statement in the SolarWinds Platform.
network
low complexity
solarwinds CWE-89
8.8
8.8
2024-02-06 CVE-2023-50395 SQL Injection vulnerability in Solarwinds Platform
SQL Injection Remote Code Execution Vulnerability was found using an update statement in the SolarWinds Platform.
network
low complexity
solarwinds CWE-89
8.8
8.8
2023-11-28 CVE-2023-40056 SQL Injection vulnerability in Solarwinds Platform
SQL Injection Remote Code Vulnerability was found in the SolarWinds Platform.
network
low complexity
solarwinds CWE-89
8.8
8.8
2023-11-09 CVE-2023-40054 Path Traversal vulnerability in Solarwinds Network Configuration Manager
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability.
network
low complexity
solarwinds CWE-22
8.8
8.8
2023-11-09 CVE-2023-40055 Path Traversal vulnerability in Solarwinds Network Configuration Manager
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability.
network
low complexity
solarwinds CWE-22
8.8
8.8
2023-11-01 CVE-2023-33226 Path Traversal vulnerability in Solarwinds Network Configuration Manager
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability.
network
low complexity
solarwinds CWE-22
8.8
8.8
2023-11-01 CVE-2023-33227 Path Traversal vulnerability in Solarwinds Network Configuration Manager
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability This vulnerability allows a low level user to perform the actions with SYSTEM privileges.
network
low complexity
solarwinds CWE-22
8.8
8.8
2023-11-01 CVE-2023-40061 Improper Input Validation vulnerability in Solarwinds Platform
 Insecure job execution mechanism vulnerability.
low complexity
solarwinds CWE-20
8.8
8.8
2023-11-01 CVE-2023-40062 Improper Input Validation vulnerability in Solarwinds Platform
SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability.
network
low complexity
solarwinds CWE-20
8.8
8.8