Lucene search
K

56 matches found

CVE
CVE
added 2025/10/21 7:46 a.m.21 views

CVE-2025-26392

SolarWinds Observability Self-Hosted is affected by CVE-2025-26392: an SQL injection vulnerability that can disclose sensitive data when authenticated from a low-privilege account. The issue affects the product as described in multiple sources (NVD, Red Hat/CIRCL/CVE lists and related advisories)...

5.4CVSS7.7AI score0.00214EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-17689

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.00174EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/26 8:30 a.m.6 views

CVE-2025-26397

SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileges can escalate privileges to run malicious files copied to a permission-protected folder. This vulnerability requires authentication fro...

7.8CVSS7.4AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2025/07/24 8:15 a.m.5 views

CVE-2025-26397

SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileges can escalate privileges to run malicious files copied to a permission-protected folder. This vulnerability requires authentication fro...

7.8CVSS5.8AI score0.00288EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/24 7:57 a.m.12 views

CVE-2025-26397 SolarWinds Observability Self-Hosted Deserialization of Untrusted Data Local Privilege Escalation Vulnerability

SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileges can escalate privileges to run malicious files copied to a permission-protected folder. This vulnerability requires authentication fro...

7.8CVSS0.00288EPSS
Exploits0References2
CVE
CVE
added 2025/07/24 7:57 a.m.29 views

CVE-2025-26397

SolarWinds Observability Self-Hosted is affected by a Deserialization of Untrusted Data Local Privilege Escalation. A low-privilege attacker with local access and authentication can escalate to run code in a permission-protected folder. Connected sources provide concrete details: (1) root cause i...

7.8CVSS6.5AI score0.00288EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/07/24 12:0 a.m.4 views

PT-2025-30641 · Solarwinds · Solarwinds Observability Self-Hosted

Name of the Vulnerable Software and Affected Versions: SolarWinds Observability Self-Hosted affected versions not specified Description: SolarWinds Observability Self-Hosted is susceptible to a Deserialization of Untrusted Data Local Privilege Escalation issue. An attacker with low privileges can...

7.8CVSS6.6AI score0.00288EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/07/24 12:0 a.m.5 views

SolarWinds Observability Self-Hosted 代码问题漏洞

SolarWinds Observability Self-Hosted is an observation platform from US-based SolarWinds. A code issue vulnerability exists in SolarWinds Observability Self-Hosted that stems from untrustworthy data deserialization, which could lead to local elevation of privilege...

7.8CVSS6.4AI score0.00288EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/06/12 3:21 p.m.5 views

CVE-2025-26395

SolarWinds Observability Self-Hosted was susceptible to a cross-site scripting XSS vulnerability due to an unsanitized field in the URL. The attack requires authentication using an administrator-level account and user interaction is required...

7.1CVSS6.5AI score0.00188EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/06/12 3:21 p.m.7 views

CVE-2025-26394

SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required...

4.8CVSS5.1AI score0.00174EPSS
Exploits0References1
OSV
OSV
added 2025/06/10 3:15 p.m.4 views

CVE-2025-26394

SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required...

4.8CVSS5.7AI score0.00174EPSS
Exploits0References2
CVE
CVE
added 2025/06/10 2:41 p.m.64 views

CVE-2025-26395

CVE-2025-26395 concerns SolarWinds Observability Self-Hosted, where an XSS vulnerability arises from an unsanitized URL field. The attack requires an administrator-level account and user interaction. Affected component details (version ranges, specific modules) and exact root cause are not explic...

7.1CVSS6.5AI score0.00188EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/06/10 2:39 p.m.54 views

CVE-2025-26394

CVE-2025-26394 affects SolarWinds Observability Self-Hosted and is an open redirection vulnerability caused by insufficient URL sanitization. The core issue is improper URL cleanup that could redirect users to a malicious site. The CVE entry lists CVSS v3.1 base score 4.8 (Medium) with adjacent a...

4.8CVSS5.1AI score0.00174EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/06/10 12:0 a.m.4 views

PT-2025-24667 · Solarwinds · Solarwinds Observability Self-Hosted

Name of the Vulnerable Software and Affected Versions: SolarWinds Observability Self-Hosted affected versions not specified Description: The issue is related to a cross-site scripting XSS vulnerability due to an unsanitized field in the URL. The attack requires authentication using an...

7.1CVSS5.4AI score0.00188EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.5 views

SolarWinds Observability Self-Hosted 跨站脚本漏洞

SolarWinds Observability Self-Hosted is an observation platform from SolarWinds, Inc. A cross-site scripting vulnerability exists in SolarWinds Observability Self-Hosted that stems from insufficient URL field cleanup and could lead to a cross-site scripting attack...

7.1CVSS6AI score0.00188EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/10 12:0 a.m.6 views

PT-2025-24666 · Solarwinds · Solarwinds Observability Self-Hosted

Name of the Vulnerable Software and Affected Versions: SolarWinds Observability Self-Hosted affected versions not specified Description: The issue concerns an open redirection vulnerability where the URL is not properly sanitized. This could allow an attacker to manipulate the string and redirect...

4.8CVSS6.2AI score0.00174EPSS
Exploits0References5
Rows per page
Query Builder