The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2021-35234 | Numerous exposed dangerous functions within Orion Core has allows for read-only SQL injection leading to privileged escalation. An attacker with low-user privileges may steal password hashes and password salt information. | MEDIUM | Dec 23, 2021 | n/a |
| CVE-2021-35233 | The HTTP TRACK & TRACE methods were enabled in Kiwi Syslog Server 9.7.1 and earlier. These methods are intended for diagnostic purposes only. If enabled, the web server will respond to requests that use these methods by returning exact HTTP request that was received in the response to the client. This may lead to the disclosure of sensitive information such as internal authentication headers appended by reverse proxies. | MEDIUM | Oct 28, 2021 | n/a |
| CVE-2021-35232 | Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials, the attacker with local access to the Web Help Desk host machine allows to execute arbitrary HQL queries against the database and leverage the vulnerability to steal the password hashes of the users or insert arbitrary data into the database. | LOW | Dec 27, 2021 | n/a |
| CVE-2021-35231 | As a result of an unquoted service path vulnerability present in the Kiwi Syslog Server Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. Example vulnerable path: Computer\\HKEY_LOCAL_MACHINE\\SYSTEM\\ControlSet001\\Services\\Kiwi Syslog Server\\Parameters\\Application. | MEDIUM | Oct 28, 2021 | n/a |
| CVE-2021-35230 | As a result of an unquoted service path vulnerability present in the Kiwi CatTools Installation Wizard, a local attacker could gain escalated privileges by inserting an executable into the path of the affected service or uninstall entry. | HIGH | Oct 22, 2021 | n/a |
| CVE-2021-35229 | Cross-site scripting vulnerability is present in Database Performance Monitor 2022.1.7779 and previous versions when using a complex SQL query | MEDIUM | Apr 22, 2022 | n/a |
| CVE-2021-35228 | This vulnerability occurred due to missing input sanitization for one of the output fields that is extracted from headers on specific section of page causing a reflective cross site scripting attack. An attacker would need to perform a Man in the Middle attack in order to change header for a remote victim. | LOW | Oct 21, 2021 | n/a |
| CVE-2021-35227 | The HTTP interface was enabled for RabbitMQ Plugin in ARM 2020.2.6 and the ability to configure HTTPS was not available. | MEDIUM | Oct 21, 2021 | n/a |
| CVE-2021-35226 | An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service (SWIS). Exposed credentials are encrypted and require authenticated access with an NCM role. | -- | Oct 11, 2022 | n/a |
| CVE-2021-35225 | Each authenticated Orion Platform user in a MSP (Managed Service Provider) environment can view and browse all NetPath Services from all that MSP\'s customers. This can lead to any user having a limited insight into other customer\'s infrastructure and potential data cross-contamination. | MEDIUM | Oct 21, 2021 | n/a |
| CVE-2021-35223 | The Serv-U File Server allows for events such as user login failures to be audited by executing a command. This command can be supplied with parameters that can take the form of user string variables, allowing remote code execution. | MEDIUM | Aug 31, 2021 | n/a |
| CVE-2021-35222 | This vulnerability allows attackers to impersonate users and perform arbitrary actions leading to a Remote Code Execution (RCE) from the Alerts Settings page. | MEDIUM | Aug 31, 2021 | n/a |
| CVE-2021-35221 | Improper Access Control Tampering Vulnerability using ImportAlert function which can lead to a Remote Code Execution (RCE) from the Alerts Settings page. | MEDIUM | Aug 31, 2021 | n/a |
| CVE-2021-35220 | Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution (RCE) from the Alerts Settings page. | MEDIUM | Aug 31, 2021 | n/a |
| CVE-2021-35219 | ExportToPdfCmd Arbitrary File Read Information Disclosure Vulnerability using ImportAlert function within the Alerts Settings page. | MEDIUM | Aug 31, 2021 | n/a |
| CVE-2021-35218 | Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server | MEDIUM | Sep 1, 2021 | n/a |
| CVE-2021-35217 | Insecure Deseralization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module and reported to us by ZDI. An Authenticated Attacker could exploit it by executing WSAsyncExecuteTasks deserialization of untrusted data. | MEDIUM | Sep 9, 2021 | n/a |
| CVE-2021-35216 | Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module. An Authenticated Attacker with network access via HTTP can compromise this vulnerability can result in Remote Code Execution. | HIGH | Sep 1, 2021 | n/a |
| CVE-2021-35215 | Insecure deserialization leading to Remote Code Execution was detected in the Orion Platform version 2020.2.5. Authentication is required to exploit this vulnerability. | MEDIUM | Sep 1, 2021 | n/a |
| CVE-2021-35214 | The vulnerability in SolarWinds Pingdom can be described as a failure to invalidate user session upon password or email address change. When running multiple active sessions in separate browser windows, it was observed a password or email address change could be changed without terminating the user session. This issue has been resolved on September 13, 2021. | LOW | Oct 15, 2021 | n/a |
| CVE-2021-35213 | An Improper Access Control Privilege Escalation Vulnerability was discovered in the User Setting of Orion Platform version 2020.2.5. It allows a guest user to elevate privileges to the Administrator using this vulnerability. Authentication is required to exploit the vulnerability. | HIGH | Aug 31, 2021 | n/a |
| CVE-2021-35212 | An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user. | HIGH | Aug 31, 2021 | n/a |
| CVE-2021-35211 | Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability. | HIGH | Jul 15, 2021 | n/a |
| CVE-2021-35210 | Contao 4.5.x through 4.9.x before 4.9.16, and 4.10.x through 4.11.x before 4.11.5, allows XSS. It is possible to inject code into the tl_log table that will be executed in the browser when the system log is called in the back end. | MEDIUM | Jun 23, 2021 | n/a |
| CVE-2021-35209 | An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite 8.8 before 8.8.15 Patch 23 and 9.x before 9.0.0 Patch 16. The value of the X-Host header overwrites the value of the Host header in proxied requests. The value of X-Host header is not checked against the whitelist of hosts Zimbra is allowed to proxy to (the zimbraProxyAllowedDomains setting). | MEDIUM | Jul 2, 2021 | n/a |
| CVE-2021-35208 | An issue was discovered in ZmMailMsgView.js in the Calendar Invite component in Zimbra Collaboration Suite 8.8.x before 8.8.15 Patch 23. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document. | LOW | Jul 2, 2021 | n/a |
| CVE-2021-35207 | An issue was discovered in Zimbra Collaboration Suite 8.8 before 8.8.15 Patch 23 and 9.0 before 9.0.0 Patch 16. An XSS vulnerability exists in the login component of Zimbra Web Client, in which an attacker can execute arbitrary JavaScript by adding executable JavaScript to the loginErrorCode parameter of the login url. | MEDIUM | Jul 2, 2021 | n/a |
| CVE-2021-35206 | Gitpod before 0.6.0 allows unvalidated redirects. | MEDIUM | Jun 24, 2021 | n/a |
| CVE-2021-35205 | NETSCOUT Systems nGeniusONE version 6.3.0 build 1196 allows URL redirection in redirector. | MEDIUM | Oct 4, 2021 | n/a |
| CVE-2021-35204 | NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Reflected Cross-Site Scripting (XSS) in the support endpoint. | LOW | Oct 4, 2021 | n/a |
| CVE-2021-35203 | NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Arbitrary File Read operations via the FDSQueryService endpoint. | LOW | Oct 4, 2021 | n/a |
| CVE-2021-35202 | NETSCOUT Systems nGeniusONE 6.3.0 build 1196 allows Authorization Bypass (to access an endpoint) in FDSQueryService. | MEDIUM | Oct 4, 2021 | n/a |
| CVE-2021-35201 | NEI in NETSCOUT nGeniusONE 6.3.0 build 1196 allows XML External Entity (XXE) attacks. | MEDIUM | Oct 4, 2021 | n/a |
| CVE-2021-35200 | NETSCOUT nGeniusONE 6.3.0 build 1196 allows high-privileged users to achieve Stored Cross-Site Scripting (XSS) in FDSQueryService. | LOW | Oct 4, 2021 | n/a |
| CVE-2021-35199 | NETSCOUT nGeniusONE 6.3.0 build 1196 and earlier allows Stored Cross-Site Scripting (XSS) in UploadFile. | LOW | Oct 4, 2021 | n/a |
| CVE-2021-35198 | NETSCOUT nGeniusONE 6.3.0 build 1004 and earlier allows Stored Cross-Site Scripting (XSS) in the Packet Analysis module. | LOW | Oct 4, 2021 | n/a |
| CVE-2021-35197 | In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access. When a bot account has a sitewide block applied, it is able to still purge pages through the MediaWiki Action API (which a sitewide block should have prevented). | MEDIUM | Jul 2, 2021 | n/a |
| CVE-2021-35196 | Manuskript through 0.12.0 allows remote attackers to execute arbitrary code via a crafted settings.pickle file in a project file, because there is insecure deserialization via the pickle.load() function in settings.py. NOTE: the vendor\'s position is that the product is not intended for opening an untrusted project file | MEDIUM | Jun 25, 2021 | n/a |
| CVE-2021-35193 | Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers\' installations (that have the same software version). This provides remote access to SQL database credentials. (In the normal use of the product, retrieving those credentials only occurs after a username/password authentication step; however, this authentication step is on the client side, and an attacker can develop their own client that skips this step.) | MEDIUM | Jul 31, 2021 | n/a |
| CVE-2021-35135 | A null pointer dereference may potentially occur during RSA key import in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | -- | Sep 2, 2022 | n/a |
| CVE-2021-35134 | Due to insufficient validation of ELF headers, an Incorrect Calculation of Buffer Size can occur in Boot leading to memory corruption in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | -- | Sep 2, 2022 | n/a |
| CVE-2021-35133 | Use after free in the synx driver issue while performing other functions during multiple invocation of synx release calls in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | -- | Sep 2, 2022 | n/a |
| CVE-2021-35132 | Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | -- | Sep 2, 2022 | n/a |
| CVE-2021-35130 | Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | HIGH | Jun 14, 2022 | n/a |
| CVE-2021-35129 | Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | HIGH | Jun 14, 2022 | n/a |
| CVE-2021-35126 | Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | HIGH | Jun 14, 2022 | n/a |
| CVE-2021-35123 | Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT | HIGH | Jun 14, 2022 | n/a |
| CVE-2021-35122 | Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | -- | Sep 2, 2022 | n/a |
| CVE-2021-35121 | An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | MEDIUM | Jun 14, 2022 | n/a |
| CVE-2021-35120 | Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | MEDIUM | Jun 14, 2022 | n/a |
