56 matches found
CVE-2025-26392
SolarWinds Observability Self-Hosted is affected by CVE-2025-26392: an SQL injection vulnerability that can disclose sensitive data when authenticated from a low-privilege account. The issue affects the product as described in multiple sources (NVD, Red Hat/CIRCL/CVE lists and related advisories)...
EUVD-2025-17689
Malicious code in bioql PyPI...
CVE-2025-26397
SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileges can escalate privileges to run malicious files copied to a permission-protected folder. This vulnerability requires authentication fro...
CVE-2025-26397
SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileges can escalate privileges to run malicious files copied to a permission-protected folder. This vulnerability requires authentication fro...
CVE-2025-26397 SolarWinds Observability Self-Hosted Deserialization of Untrusted Data Local Privilege Escalation Vulnerability
SolarWinds Observability Self-Hosted is susceptible to Deserialization of Untrusted Data Local Privilege Escalation vulnerability. An attacker with low privileges can escalate privileges to run malicious files copied to a permission-protected folder. This vulnerability requires authentication fro...
CVE-2025-26397
SolarWinds Observability Self-Hosted is affected by a Deserialization of Untrusted Data Local Privilege Escalation. A low-privilege attacker with local access and authentication can escalate to run code in a permission-protected folder. Connected sources provide concrete details: (1) root cause i...
PT-2025-30641 · Solarwinds · Solarwinds Observability Self-Hosted
Name of the Vulnerable Software and Affected Versions: SolarWinds Observability Self-Hosted affected versions not specified Description: SolarWinds Observability Self-Hosted is susceptible to a Deserialization of Untrusted Data Local Privilege Escalation issue. An attacker with low privileges can...
SolarWinds Observability Self-Hosted 代码问题漏洞
SolarWinds Observability Self-Hosted is an observation platform from US-based SolarWinds. A code issue vulnerability exists in SolarWinds Observability Self-Hosted that stems from untrustworthy data deserialization, which could lead to local elevation of privilege...
CVE-2025-26395
SolarWinds Observability Self-Hosted was susceptible to a cross-site scripting XSS vulnerability due to an unsanitized field in the URL. The attack requires authentication using an administrator-level account and user interaction is required...
CVE-2025-26394
SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required...
CVE-2025-26394
SolarWinds Observability Self-Hosted is susceptible to an open redirection vulnerability. The URL is not properly sanitized, and an attacker could manipulate the string to redirect a user to a malicious site. The attack complexity is high, and authentication is required...
CVE-2025-26395
CVE-2025-26395 concerns SolarWinds Observability Self-Hosted, where an XSS vulnerability arises from an unsanitized URL field. The attack requires an administrator-level account and user interaction. Affected component details (version ranges, specific modules) and exact root cause are not explic...
CVE-2025-26394
CVE-2025-26394 affects SolarWinds Observability Self-Hosted and is an open redirection vulnerability caused by insufficient URL sanitization. The core issue is improper URL cleanup that could redirect users to a malicious site. The CVE entry lists CVSS v3.1 base score 4.8 (Medium) with adjacent a...
PT-2025-24667 · Solarwinds · Solarwinds Observability Self-Hosted
Name of the Vulnerable Software and Affected Versions: SolarWinds Observability Self-Hosted affected versions not specified Description: The issue is related to a cross-site scripting XSS vulnerability due to an unsanitized field in the URL. The attack requires authentication using an...
SolarWinds Observability Self-Hosted 跨站脚本漏洞
SolarWinds Observability Self-Hosted is an observation platform from SolarWinds, Inc. A cross-site scripting vulnerability exists in SolarWinds Observability Self-Hosted that stems from insufficient URL field cleanup and could lead to a cross-site scripting attack...
PT-2025-24666 · Solarwinds · Solarwinds Observability Self-Hosted
Name of the Vulnerable Software and Affected Versions: SolarWinds Observability Self-Hosted affected versions not specified Description: The issue concerns an open redirection vulnerability where the URL is not properly sanitized. This could allow an attacker to manipulate the string and redirect...