Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-28318 KEV |
|
[KEV] Vulnerability in Solarwinds serv-u (CVE-2026-28318)
vulnerability in Solarwinds serv-u (CVE-2026-28318). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2026-28299 |
|
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when...
SolarWinds Web Help Desk is found to be affected by a denial-of-service vulnerability, which when...
|
| CVE-2025-26399 KEV |
|
[KEV] Unsafe Deserialization in Solarwinds web-help-desk (CVE-2025-26399)
vulnerability in Solarwinds web-help-desk (CVE-2025-26399). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-40536 KEV |
|
[KEV] Vulnerability in Solarwinds web-help-desk (CVE-2025-40536)
vulnerability in Solarwinds web-help-desk (CVE-2025-40536). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2025-40551 KEV |
|
[KEV] Unsafe Deserialization in Solarwinds web-help-desk (CVE-2025-40551)
vulnerability in Solarwinds web-help-desk (CVE-2025-40551). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-28987 KEV |
|
[KEV] Vulnerability in Solarwinds web-help-desk (CVE-2024-28987)
vulnerability in Solarwinds web-help-desk (CVE-2024-28987). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-28986 KEV |
|
[KEV] Unsafe Deserialization in Solarwinds web-help-desk (CVE-2024-28986)
vulnerability in Solarwinds web-help-desk (CVE-2024-28986). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2024-28995 KEV |
|
[KEV] Path Traversal in Solarwinds serv-u (CVE-2024-28995)
path traversal in Solarwinds serv-u (CVE-2024-28995). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-35247 KEV |
|
[KEV] Vulnerability in Solarwinds serv-u (CVE-2021-35247)
vulnerability in Solarwinds serv-u (CVE-2021-35247). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2021-35211 KEV |
|
[KEV] Out-of-Bounds Write in Solarwinds serv-u (CVE-2021-35211)
out-of-bounds write in Solarwinds serv-u (CVE-2021-35211). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2016-3643 KEV |
|
[KEV] Vulnerability in Solarwinds virtualization-manager (CVE-2016-3643)
vulnerability in Solarwinds virtualization-manager (CVE-2016-3643). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2020-10148 KEV |
|
[KEV] Vulnerability in Solarwinds orion (CVE-2020-10148)
vulnerability in Solarwinds orion (CVE-2020-10148). Risk of unauthorized operations or information disclosure. Listed in CISA KEV — actively exploited.
|
| CVE-2012-2576 |
|
SQL Injection in sqli (CVE-2012-2576)
SQL injection in sqli (CVE-2012-2576). Successful exploitation can lead to full system takeover.
|
| CVE-2017-9537 |
|
Cross-Site Scripting (XSS) in solarwinds (CVE-2017-9537)
cross-site scripting in solarwinds (CVE-2017-9537). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-9538 |
|
Vulnerability in dos (CVE-2017-9538)
vulnerability in dos (CVE-2017-9538). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7722 |
|
Command Injection in solarwinds (CVE-2017-7722)
command injection in solarwinds (CVE-2017-7722). Successful exploitation can lead to full system takeover.
|
| CVE-2017-7646 |
|
Information Disclosure in solarwinds (CVE-2017-7646)
vulnerability in solarwinds (CVE-2017-7646). Confidential information can be exposed externally.
|
| CVE-2017-7647 |
|
Vulnerability in solarwinds (CVE-2017-7647)
vulnerability in solarwinds (CVE-2017-7647). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5198 |
|
Vulnerability in solarwinds (CVE-2017-5198)
vulnerability in solarwinds (CVE-2017-5198). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5199 |
|
Vulnerability in solarwinds (CVE-2017-5199)
vulnerability in solarwinds (CVE-2017-5199). Successful exploitation can lead to full system takeover.
|
| CVE-2017-6803 |
|
Cross-Site Request Forgery (CSRF) in csrf (CVE-2017-6803)
vulnerability in csrf (CVE-2017-6803). Successful exploitation can lead to full system takeover.
|