CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

176 matches found

The Hacker News•added 2026/01/09 9:11 a.m.•7 views

CISA Retires 10 Emergency Cybersecurity Directives Issued Between 2019 and 2024

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday said it's retiring 10 emergency directives Eds that were issued between 2019 and 2024. The list of the directives now considered closed is as follows - ED 19-01: Mitigate DNS Infrastructure Tampering ED 20-02: Mitigate...

6.8AI score

Exploits0

RedhatCVE•added 2026/01/09 8:53 a.m.•3 views

CVE-2021-27258

This vulnerability allows remote attackers to execute escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper...

9.8CVSS7.1AI score0.08643EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:53 a.m.•3 views

CVE-2021-27277

This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Orion Virtual Infrastructure Monitor 2020.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific...

7.8CVSS7.2AI score0.02208EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:50 a.m.•6 views

CVE-2021-31475

This vulnerability allows remote attackers to execute arbitrary code on affected installations of SolarWinds Orion Job Scheduler 2020.2.1 HF 2. Authentication is required to exploit this vulnerability. The specific flaw exists within the JobRouterService WCF service. The issue is due to the WCF...

9CVSS7.3AI score0.10819EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:28 a.m.•7 views

CVE-2019-12864

SolarWinds Orion Platform 2018.4 HF3 NPM 12.4, NetPath 1.1.4 is vulnerable to Information Leakage, because of improper error handling with stack traces, as demonstrated by discovering a full pathname upon a 500 Internal Server Error via the api2/swis/query?lang=en-us=false query parameter...

5.5CVSS6.9AI score0.00223EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:27 a.m.•5 views

CVE-2019-12954

SolarWinds Network Performance Monitor Orion Platform 2018, NPM 12.3, NetPath 1.1.3 allows XSS by authenticated users via a crafted onerror attribute of a VIDEO element in an action for an ALERT...

5.4CVSS5.9AI score0.02887EPSS

Exploits1References1