Filtered by vendor Solarwinds Subscriptions
Total 274 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-28995 1 Solarwinds 1 Serv-u 2024-11-29 8.6 High
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
CVE-2024-28987 1 Solarwinds 2 Web Help Desk, Webhelpdesk 2024-11-29 9.1 Critical
The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.
CVE-2024-29004 1 Solarwinds 1 Solarwinds Platform 2024-11-21 7.1 High
The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability.
CVE-2024-28999 1 Solarwinds 1 Solarwinds Platform 2024-11-21 6.4 Medium
The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console.
CVE-2024-28996 1 Solarwinds 1 Solarwinds Platform 2024-11-21 7.5 High
The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack complexity is high for this vulnerability.  
CVE-2024-28993 1 Solarwinds 1 Access Rights Manager 2024-11-21 7.6 High
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.
CVE-2024-28992 1 Solarwinds 1 Access Rights Manager 2024-11-21 7.6 High
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.
CVE-2024-28074 1 Solarwinds 1 Access Rights Manager 2024-11-21 9.6 Critical
It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager. While some controls were implemented the researcher was able to bypass these and use a different method to exploit the vulnerability.
CVE-2024-23479 1 Solarwinds 1 Access Rights Manager 2024-11-21 9.6 Critical
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution.
CVE-2024-23478 1 Solarwinds 1 Access Rights Manager 2024-11-21 8 High
SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service, resulting in remote code execution.
CVE-2024-23477 1 Solarwinds 1 Access Rights Manager 2024-11-21 7.9 High
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve a Remote Code Execution.
CVE-2024-23476 1 Solarwinds 1 Access Rights Manager 2024-11-21 9.6 Critical
The SolarWinds Access Rights Manager (ARM) was found to be susceptible to a Directory Traversal Remote Code Execution Vulnerability. If exploited, this vulnerability allows an unauthenticated user to achieve the Remote Code Execution.
CVE-2024-23475 1 Solarwinds 1 Access Rights Manager 2024-11-21 9.6 Critical
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.
CVE-2024-23474 1 Solarwinds 1 Access Rights Manager 2024-11-21 7.6 High
The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability.
CVE-2024-23472 1 Solarwinds 1 Access Rights Manager 2024-11-21 9.6 Critical
SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM.
CVE-2024-23471 1 Solarwinds 1 Access Rights Manager 2024-11-21 9.6 Critical
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution.
CVE-2024-23470 1 Solarwinds 1 Access Rights Manager 2024-11-21 9.6 Critical
The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executables.
CVE-2024-23469 1 Solarwinds 1 Access Rights Manager 2024-11-21 9.6 Critical
SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges.
CVE-2024-23468 1 Solarwinds 1 Access Rights Manager 2024-11-21 7.6 High
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.
CVE-2024-23467 1 Solarwinds 1 Access Rights Manager 2024-11-21 9.6 Critical
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform remote code execution.