40 matches found
CVE-2021-35218
Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server...
CVE-2021-35216
Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module. An Authenticated Attacker with network access via HTTP can compromise this vulnerability can result in Remote Code Execution...
CVE-2021-35218
Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server...
Remote code execution
Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module. An Authenticated Attacker with network access via HTTP can compromise this vulnerability can result in Remote Code Execution...
Deserialization of untrusted data
Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server...
CVE-2021-35218
CVE-2021-35218 affects the SolarWinds Patch Manager Web Console Chart Endpoint. The root cause is deserialization of untrusted data, leading to remote code execution. An attacker with network access can exploit this (authentication is required in some advisories, but bypass is noted in at least o...
CVE-2021-35218 Chart Endpoint Deserialization of Untrusted Data Remote Code Execution Vulnerability
Deserialization of Untrusted Data in the Web Console Chart Endpoint can lead to remote code execution. An unauthorized attacker who has network access to the Orion Patch Manager Web Console could potentially exploit this and compromise the server...
CVE-2021-35216
CVE-2021-35216 affects SolarWinds Patch Manager Patch Manager Orion Platform Integration module. The issue is described as insecure deserialization of untrusted data, leading to remote code execution. The ZDI advisory specifies that the flaw exists in the EditResourceControls endpoint and enables...
CVE-2021-35216 Deserialization of Untrusted Data in Resource Controls Remote Code Execution
Insecure Deserialization of untrusted data remote code execution vulnerability was discovered in Patch Manager Orion Platform Integration module. An Authenticated Attacker with network access via HTTP can compromise this vulnerability can result in Remote Code Execution...
Solarwinds Orion Platform 代码问题漏洞
Solarwinds Orion Platform is a network fault and network performance management platform from Solarwinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. A...
Solarwinds Orion Patch Manager Web Console 代码问题漏洞
solarwinds Patch Manager is an application from solarwinds, Inc. It is used to manage third-party software. A security vulnerability exists in the Solarwinds Orion Patch Manager Web Console that stems from. deserialization of untrusted data in the Web Console chart endpoint could lead to remote...
CVE-2021-27240
This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within th...
CVE-2021-27240
This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within th...
Deserialization of untrusted data
This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within th...
CVE-2021-27240
SolarWinds Patch Manager 2020.2.1 is affected by CVE-2021-27240 due to deserialization of untrusted data in the DataGridService WCF service. The vulnerability enables local attackers who can execute low-privileged code on the target to escalate privileges to Administrator and run arbitrary code. ...
CVE-2021-27240
This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager 2020.2.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within th...
solarwinds Patch Manager 代码问题漏洞
solarwinds Patch Manager is an application from solarwinds, Inc. It is used to manage third-party software. A security vulnerability in SolarWinds Patch Manager 2020.2.1, which exists due to a lack of proper validation of user-supplied data, can be exploited by an attacker to escalate privileges...
SolarWinds Patch Manager DataGridService Deserialization of Untrusted Data Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of SolarWinds Patch Manager. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
OllyDbg 2.01 alpha 4 released
OllyDbg 2.01 alpha 4 released Other new features in this version: - Patch manager, similar to 1.10 - Shortcut editor, supports weird things like Ctrl+Win+$ etc. Now you can customize and share your shortcuts. I haven't tested it on Win7, please report any found bugs and incompatibilities! -...
OllyDbg 2.01 alpha 4 released
OllyDbg 2.01 alpha 4 released Other new features in this version: - Patch manager, similar to 1.10 - Shortcut editor, supports weird things like Ctrl+Win+$ etc. Now you can customize and share your shortcuts. I haven't tested it on Win7, please report any found bugs and incompatibilities! -...