| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-36961 | Orion Platform SQL Injection Privilege Escalation Vulnerability | SolarWinds | Orion Platform | High | 8.8 | 2022-09-30 16:06:10 | Deep Dive |
| CVE-2021-35249 | Domain Admin Broken Access Control | SolarWinds | Serv-U | Medium | 4.3 | 2022-05-17 19:44:55 | Deep Dive |
| CVE-2021-35250 | Directory Transversal Vulnerability in Serv-U 15.3 | SolarWinds | Serv-U | High | 7.5 | 2022-04-25 19:47:55 | Deep Dive |
| CVE-2021-35229 | Cross-Site Scripting Vulnerability using SQL Query | SolarWinds | Database Performance Monitor | Medium | 6.8 | 2022-04-21 18:18:15 | Deep Dive |
| CVE-2021-35254 | Authenticated Remote Code Execution in WebHelpDesk 12.7.8 | SolarWinds | WebHelpDesk | High | 8.2 | 2022-03-25 18:02:27 | Deep Dive |
| CVE-2021-35251 | Sensitive Data Disclosure Vulnerability | SolarWinds | Web Help Desk | Medium | 5.3 | 2022-03-09 15:38:02 | Deep Dive |
| CVE-2021-35247 | Improper Input Validation Vulnerability in Serv-U | SolarWinds | Serv-U | Medium | 4.3 | 2022-01-07 22:39:51 | Deep Dive |
| CVE-2021-35232 | Hard credentials discovered in SolarWinds Web Help Desk which allows to execute Arbitrary Hibernate Queries | SolarWinds | Web Help Desk | Medium | 6.8 | 2021-12-27 18:48:18 | Deep Dive |
| CVE-2021-35243 | HTTP PUT & DELETE Methods Enabled | SolarWinds | Web Help Desk | Medium | 5.3 | 2021-12-23 19:48:35 | Deep Dive |
| CVE-2021-35234 | Exposed Dangerous Functions - Privileged Escalation | SolarWinds | Orion Core | High | 8.0 | 2021-12-20 20:08:26 | Deep Dive |
| CVE-2021-35244 | Unrestricted File Upload Causing Remote Code Execution: Orion Platform 2020.2.6 | SolarWinds | Orion Platform | Medium | 6.8 | 2021-12-20 20:08:25 | Deep Dive |
| CVE-2021-35248 | Unrestricted access to Orion.UserSettings SWIS entity for low-privilege users | SolarWinds | Orion | Medium | 6.8 | 2021-12-20 20:08:24 | Deep Dive |
| CVE-2021-35242 | A valid CSRF token is present in response to an invalid request | SolarWinds | Serv-U Server | High | 8.3 | 2021-12-06 16:53:22 | Deep Dive |
| CVE-2021-35245 | Broken Access Control Vulnerability for SolarWinds Serv-U | SolarWinds | Serv-U FTP | High | 8.4 | 2021-12-06 16:52:02 | Deep Dive |
| CVE-2021-35237 | Clickjacking Vulnerability | SolarWinds | Kiwi Syslog Server | Medium | 5.0 | 2021-10-29 13:32:18 | Deep Dive |
| CVE-2021-35236 | Missing Secure Flag From SSL Cookie | SolarWinds | Kiwi Syslog Server | Low | 3.1 | 2021-10-27 00:57:02 | Deep Dive |
| CVE-2021-35235 | ASP.NET Debug Feature Enabled | SolarWinds | Kiwi Syslog Server | Medium | 5.3 | 2021-10-27 00:55:43 | Deep Dive |
| CVE-2021-35233 | HTTP TRACK & TRACE Methods Enabled | SolarWinds | Kiwi Syslog Server | Medium | 5.3 | 2021-10-27 00:51:36 | Deep Dive |
| CVE-2021-35231 | Unquoted Path (SMB Login) Vulnerability | SolarWinds | Kiwi Syslog Server | Medium | 6.7 | 2021-10-25 13:00:30 | Deep Dive |
| CVE-2021-35230 | Unquoted Path Vulnerability (SMB Login) in Kiwi CatTools | SolarWinds | Kiwi CatTools | Medium | 6.7 | 2021-10-22 11:19:25 | Deep Dive |