← Back

Solarwinds

solarwinds

317 CVEs • 57 products

Products (57)

Click to collapse
Toggle
Orion Platform
orion_platform
49 CVEs
Serv U
serv-u
39 CVEs
Access Rights Manager
access_rights_manager
32 CVEs
Solarwinds Platform
solarwinds_platform
27 CVEs
Serv U File Server
serv-u_file_server
20 CVEs
Web Help Desk
web_help_desk
20 CVEs
Serv U Ftp Server
serv-u_ftp_server
11 CVEs
Database Performance Analyzer
database_performance_analyzer
10 CVEs
Orion Network Performance Monitor
orion_network_performance_monitor
9 CVEs
N Central
n-central
9 CVEs
Network Performance Monitor
network_performance_monitor
8 CVEs
Observability Self Hosted
observability_self-hosted
8 CVEs
Dameware Mini Remote Control
dameware_mini_remote_control
7 CVEs
Network Configuration Manager
network_configuration_manager
7 CVEs
Tftp Server
tftp_server
6 CVEs
Webhelpdesk
webhelpdesk
6 CVEs
Log And Event Manager
log_and_event_manager
5 CVEs
Kiwi Syslog Server
kiwi_syslog_server
5 CVEs
Orion Web Performance Monitor
orion_web_performance_monitor
4 CVEs
Security Event Manager
security_event_manager
4 CVEs
Server And Application Monitor
server_and_application_monitor
3 CVEs
Storage Manager
storage_manager
3 CVEs
Virtualization Manager
virtualization_manager
3 CVEs
Log & Event Manager
log_&_event_manager
3 CVEs
Patch Manager
patch_manager
3 CVEs
Ftp Voyager
ftp_voyager
2 CVEs
Sftp/scp Server
sftp/scp_server
2 CVEs
Serv U Mft Server
serv-u_mft_server
2 CVEs
Netpath
netpath
2 CVEs
Kiwi Cattools
kiwi_cattools
2 CVEs
Ip Address Manager Web Interface
ip_address_manager_web_interface
1 CVE
Dameware Remote Support
dameware_remote_support
1 CVE
Orion Ip Address Manager
orion_ip_address_manager
1 CVE
Orion Netflow Traffic Analyzer
orion_netflow_traffic_analyzer
1 CVE
Orion Network Configuration Manager
orion_network_configuration_manager
1 CVE
Orion Server And Application Manager
orion_server_and_application_manager
1 CVE
Orion User Device Tracker
orion_user_device_tracker
1 CVE
Orion Voip & Network Quality Manager
orion_voip_&_network_quality_manager
1 CVE
Firewall Security Manager
firewall_security_manager
1 CVE
N Able N Central
n-able_n-central
1 CVE
Storage Resource Monitor
storage_resource_monitor
1 CVE
Backup Profiler
backup_profiler
1 CVE
Storage Profiler
storage_profiler
1 CVE
Network Performance Monitor Orion Platform 2018 Netpath
network_performance_monitor_orion_platform_2018_netpath
1 CVE
Network Performance Monitor Orion Platform 2018 Npm
network_performance_monitor_orion_platform_2018_npm
1 CVE
Serv U Managed File Transfer
serv-u_managed_file_transfer
1 CVE
Dameware
dameware
1 CVE
Managed Service Provider Patch Management Engine
managed_service_provider_patch_management_engine
1 CVE
Advanced Monitoring Agent
advanced_monitoring_agent
1 CVE
Help Desk
help_desk
1 CVE
Orion Job Scheduler
orion_job_scheduler
1 CVE
Pingdom
pingdom
1 CVE
Database Performance Monitor
database_performance_monitor
1 CVE
Sql Sentry
sql_sentry
1 CVE
Engineer's Toolset
engineer's_toolset
1 CVE
Dynamips
dynamips
1 CVE
Network Configuration Monitor
network_configuration_monitor
1 CVE

CVEs (317)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-28987
1Solarwinds
1Web Help Desk
Oct 27, 2025
Aug 21, 2024
N/A· v4
9.1 CRITICAL· v3
N/A· v2
The SolarWinds Web Help Desk (WHD) software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data.
CVE-2024-28986
1Solarwinds
1Web Help Desk
Oct 27, 2025
Aug 13, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported...Show more
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing.   However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available.Show less
CVE-2024-28993
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.3 HIGH· v3
N/A· v2
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensit...Show more
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.Show less
CVE-2024-28992
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.3 HIGH· v3
N/A· v2
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensit...Show more
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.Show less
CVE-2024-28074
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager. While some controls were implemented the researcher was able to bypass these and use a different method to e...Show more
It was discovered that a previous vulnerability was not completely fixed with SolarWinds Access Rights Manager. While some controls were implemented the researcher was able to bypass these and use a different method to exploit the vulnerability.Show less
CVE-2024-23475
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensit...Show more
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.Show less
CVE-2024-23474
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
The SolarWinds Access Rights Manager was found to be susceptible to an Arbitrary File Deletion and Information Disclosure vulnerability.
CVE-2024-23472
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.0 HIGH· v3
N/A· v2
SolarWinds Access Rights Manager (ARM) is susceptible to Directory Traversal vulnerability. This vulnerability allows an authenticated user to arbitrary read and delete files in ARM.
CVE-2024-23471
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote c...Show more
The SolarWinds Access Rights Manager was found to be susceptible to a Remote Code Execution Vulnerability. If exploited, this vulnerability allows an authenticated user to abuse a SolarWinds service resulting in remote code execution. Show less
CVE-2024-23470
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executable...Show more
The SolarWinds Access Rights Manager was found to be susceptible to a pre-authentication remote code execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to run commands and executables. Show less
CVE-2024-23469
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
SolarWinds Access Rights Manager (ARM) is susceptible to a Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges.
CVE-2024-23468
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.3 HIGH· v3
N/A· v2
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensit...Show more
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform arbitrary file deletion and leak sensitive information.Show less
CVE-2024-23467
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
The SolarWinds Access Rights Manager was susceptible to a Directory Traversal and Information Disclosure Vulnerability. This vulnerability allows an unauthenticated user to perform remote code execution.
CVE-2024-23466
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privi...Show more
SolarWinds Access Rights Manager (ARM) is susceptible to a Directory Traversal Remote Code Execution vulnerability. If exploited, this vulnerability allows an unauthenticated user to perform the actions with SYSTEM privileges. Show less
CVE-2024-23465
1Solarwinds
1Access Rights Manager
Feb 26, 2025
Jul 17, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. This vulnerability allows an unauthenticated user to gain domain admin access within the Active Directory enviro...Show more
The SolarWinds Access Rights Manager was found to be susceptible to an authentication bypass vulnerability. This vulnerability allows an unauthenticated user to gain domain admin access within the Active Directory environment.   Show less
CVE-2024-28995
1Solarwinds
1Serv U
Feb 26, 2026
Jun 6, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to read sensitive files on the host machine.
CVE-2024-29004
1Solarwinds
1Solarwinds Platform
Feb 26, 2025
Jun 4, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The SolarWinds Platform was determined to be affected by a stored cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability.
CVE-2024-28999
1Solarwinds
1Solarwinds Platform
Feb 26, 2025
Jun 4, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
The SolarWinds Platform was determined to be affected by a Race Condition Vulnerability affecting the web console.
CVE-2024-28996
1Solarwinds
1Solarwinds Platform
Feb 26, 2025
Jun 4, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
The SolarWinds Platform was determined to be affected by a SWQL Injection Vulnerability. Attack complexity is high for this vulnerability.  
CVE-2024-29000
1Solarwinds
1Solarwinds Platform
Feb 26, 2025
May 20, 2024
N/A· v4
4.3 MEDIUM· v3
N/A· v2
The SolarWinds Platform was determined to be affected by a reflected cross-site scripting vulnerability affecting the web console. A high-privileged user and user interaction is required to exploit this vulnerability.