Vulnerabilities > Solarwinds > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-29 | CVE-2022-36962 | Command Injection vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to Command Injection. | 7.2 |
| 2022-11-29 | CVE-2022-36964 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 8.8 |
| 2022-10-20 | CVE-2022-36957 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
| 2022-10-20 | CVE-2022-36958 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 8.8 |
| 2022-10-20 | CVE-2022-38108 | Deserialization of Untrusted Data vulnerability in Solarwinds Orion Platform SolarWinds Platform was susceptible to the Deserialization of Untrusted Data. | 7.2 |
| 2022-09-30 | CVE-2022-36961 | SQL Injection vulnerability in Solarwinds Orion Platform A vulnerable component of Orion Platform was vulnerable to SQL Injection, an authenticated attacker could leverage this for privilege escalation or remote code execution. | 8.8 |
| 2022-04-25 | CVE-2021-35250 | Path Traversal vulnerability in Solarwinds Serv-U 15.3 A researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. | 7.5 |
| 2022-03-25 | CVE-2021-35254 | Unspecified vulnerability in Solarwinds Webhelpdesk SolarWinds received a report of a vulnerability related to an input that was not sanitized in WebHelpDesk. | 8.8 |
| 2021-12-23 | CVE-2021-35243 | Unspecified vulnerability in Solarwinds web Help Desk The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server (12.7.7 and earlier), allowing users to execute dangerous HTTP requests. | 7.5 |
| 2021-12-20 | CVE-2021-35234 | SQL Injection vulnerability in Solarwinds Orion Platform Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. | 8.8 |