Vulnerabilities (CVE)

Vendor filter

Solarwinds Subscribe

Filter

3 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-19934 1 Solarwinds 1 Serv-u Ftp Server 2019-03-25 3.5
SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site scripting (XSS) in the Web management interface via URL path and HTTP POST parameter.
CVE-2017-9537 1 Solarwinds 1 Network Performance Monitor 2018-10-09 3.5
Persistent cross-site scripting (XSS) in the Add Node function of SolarWinds Network Performance Monitor version 12.0.15300.90 allows remote attackers to introduce arbitrary JavaScript into various vulnerable parameters.
CVE-2016-5709 1 Solarwinds 1 Virtualization Manager 2016-11-30 1.9
SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack.