Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2023-27925

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.02347EPSS
Exploits0References2
NVD
NVDadded 2023/04/25 9:15 p.m.8 views

CVE-2023-23839

The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users to access Orion.WebCommunityStrings SWIS schema object and obtain sensitive information...

6.5CVSS6.4AI score0.02347EPSS
Exploits0References2
Cvelist
Cvelistadded 2023/04/25 12:0 a.m.15 views

CVE-2023-23839 SolarWinds Platform Exposure of Sensitive Information Vulnerability

The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users to access Orion.WebCommunityStrings SWIS schema object and obtain sensitive information...

6.5CVSS6.6AI score0.02347EPSS
Exploits0References2
Metasploit
Metasploitadded 2023/03/29 7:50 p.m.178 views

SolarWinds Information Service (SWIS) .NET Deserialization From AMQP RCE

The SolarWinds Information Service SWIS is vulnerable to RCE by way of a crafted message received through the AMQP message queue. A malicious user that can authenticate to the AMQP service can publish such a crafted message whose body is a serialized .NET object which can lead to OS command...

7.2CVSS7.2AI score0.88632EPSS
Exploits3
0day.today
0day.todayadded 2023/03/28 12:0 a.m.254 views

SolarWinds Information Service (SWIS) Remote Command Execution Exploit

The SolarWinds Information Service SWIS is vulnerable to remote code execution by way of a crafted message received through the AMQP message queue. A malicious user that can authenticate to the AMQP service can publish such a crafted message whose body is a serialized .NET object which can lead t...

7.2CVSS8.1AI score0.88632EPSS
Exploits3
BDU FSTEC
BDU FSTECadded 2022/10/12 12:0 a.m.0 views

The vulnerability of the Solarwinds Information Service (SWIS) software’s Network Configuration Manager (NCM) allows a hacker to expose user credentials.

The vulnerability of the Solarwinds Information Service SWIS software’s Network Configuration Manager NCM lies in the ability to execute commands remotely. Exploiting this vulnerability could allow a malicious actor to gain access to user credentials...

6.8CVSS0.00312EPSS
Exploits0References2Affected Software1
NVD
NVDadded 2022/10/10 11:15 p.m.11 views

CVE-2021-35226

An entity in Network Configuration Manager product is misconfigured and exposing password field to Solarwinds Information Service SWIS. Exposed credentials are encrypted and require authenticated access with an NCM role...

6.5CVSS0.00312EPSS
Exploits0References1
Cvelist
Cvelistadded 2021/12/20 8:8 p.m.16 views

CVE-2021-35248 Unrestricted access to Orion.UserSettings SWIS entity for low-privilege users

It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings...

6.8CVSS6.9AI score0.00268EPSS
Exploits0References3
Rows per page
Query Builder