Vulnerabilities in SolarWinds
191 resultsCVE-2022-47508HIGHDisable NTLM: SAM 2022.4 EPSS 0.8%CVE-2021-35242HIGHA valid CSRF token is present in response to an invalid requestEPSS 0.7%CVE-2024-29003HIGHSolarWinds Platform Cross Site Scripting Vulnerability EPSS 0.7%CVE-2022-38106MEDIUMCross-Site Scripting Vulnerability in Serv-U Web ClientEPSS 0.7%CVE-2023-3622MEDIUMAccess Control Bypass Vulnerability in the SolarWinds Platform EPSS 0.7%CVE-2022-38115MEDIUMInsecure Methods VulnerabilityEPSS 0.7%CVE-2022-38113MEDIUMInformation Disclosure Vulnerability EPSS 0.7%CVE-2025-40548CRITICALSolarWinds Serv-U Broken Access Control - Remote Code Execution VulnerabilityEPSS 0.6%CVE-2021-35249MEDIUMDomain Admin Broken Access ControlEPSS 0.6%CVE-2024-28072MEDIUMArbitrary File Overwrite VulnerabilityEPSS 0.6%CVE-2022-47506HIGHSolarWinds Platform Directory Traversal VulnerabilityEPSS 0.6%CVE-2024-29001HIGHSolarWinds Platform SWQL Injection Vulnerability EPSS 0.6%CVE-2022-38107MEDIUMSensitive Data Disclosure VulnerabilityEPSS 0.6%CVE-2025-40541CRITICALSolarWinds Serv-U Insecure Direct Object Reference (IDOR) Remote Code Execution VulnerabilityEPSS 0.6%CVE-2022-36965MEDIUMStored and DOM XSS in QoE Applications: Orion PlatformEPSS 0.6%CVE-2021-35228MEDIUMReflected cross site scripting affecting SolarWinds: DPA 2021.3.7388EPSS 0.6%CVE-2025-40537HIGHSolarWinds Web Help Desk Hardcoded Credentials VulnerabilityEPSS 0.5%CVE-2021-35252HIGHCommon Key Vulnerability in Serv-U FTP ServerEPSS 0.5%CVE-2022-47509MEDIUMSolarWinds Platform Incorrect Input Neutralization VulnerabilityEPSS 0.5%CVE-2022-38114MEDIUMClient-Side Desync Vulnerability EPSS 0.5%