SolarWinds Database Performance Analyzer < 2025.3 Hard-coded Cryptographic Key (CVE-2025-26398)

According to its self-reported version, the SolarWinds Database Performance Analyzer DPA installation on the remote host is prior to 2025.3. It is, therefore, affected by a hard-coded cryptographic key vulnerability. If exploited, this vulnerability could allow a machine-in-the-middle MITM attack...

CVE-2018-19386

SolarWinds Database Performance Analyzer 11.1.457 contains an instance of Reflected XSS in its idcStateError component, where the page parameter is reflected into the HREF of the 'Try Again' Button on the page, aka a /iwc/idcStateError.iwc?page= URI...

EUVD-2025-24229

Malicious code in bioql PyPI...

CVE-2025-26398

SolarWinds Database Performance Analyzer was found to contain a hard-coded cryptographic key. If exploited, this vulnerability could lead to a machine-in-the-middle MITM attack against users. This vulnerability requires additional software not installed by default, local access to the server and...

CVE-2018-16243

SolarWinds Database Performance Analyzer DPA 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, alertManagement.iwc, eventAnnotations.iwc, and central.cen...

SolarWinds Database Performance Monitor 跨站脚本漏洞

SolarWinds Database Performance Monitor is a database performance monitoring and optimization software from SolarWinds USA. A security vulnerability exists in SolarWinds Database Performance Monitor 2022.1.7779, no information about this vulnerability is available at this time, please stay tuned ...

The vulnerability of D-Link DSR-150, DSR-150N, DSR-250, DSR-250N, DSR-500, DSR-500N, DSR-500AC, DSR-1000, DSR-1000N, and DSR-1000AC router microprogramming systems lies in the deficiencies in the algorithm for calculating the checksum. This vulnerability allows attackers to exploit their privileges and execute arbitrary code.

The vulnerability of the software for monitoring the performance of SolarWinds Database Performance Analyzer is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a malicious actor to execute a cross-site scripting attack remotely...

CVE-2018-16243

SolarWinds Database Performance Analyzer DPA 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, alertManagement.iwc, eventAnnotations.iwc, and central.cen...