Lucene search
K
SolarwindsDatabase Performance Analyzer*

5 matches found

CVE
CVE
added 2022/04/21 6:18 p.m.71 views

CVE-2021-35229

CVE-2021-35229 is a cross-site scripting vulnerability in SolarWinds Database Performance Monitor (DPM) 2022.1.7779 and earlier when handling complex SQL queries. The CVE entries in NVD describe impact to confidentiality and integrity (C/L) with network attack vector and variable user interaction...

6.8CVSS6.4AI score0.02982EPSS
CVE
CVE
added 2023/04/25 12:0 a.m.55 views

CVE-2023-23837

CVE-2023-23837 relates to SolarWinds Database Performance Analyzer (DPA). Affected: DPA 2023.1 and earlier; root cause: absence of proper exception handling leading to disclosure of sensitive or excessive information to users. Reported impact: high confidentiality impact with no integrity or avai...

7.5CVSS7.4AI score0.00809EPSS
CVE
CVE
added 2023/07/18 4:50 p.m.55 views

CVE-2023-33231

CVE-2023-33231 applies to SolarWinds Database Performance Analyzer 2023.2, where XSS is caused by insufficient input validation in the web UI. The issue is tracked across multiple feeds; CVSS 3.1 base score 6.1 (MEDIUM), attack vector Network, user interaction Required, scope Changed. Connected a...

6.1CVSS6AI score0.00455EPSS
CVE
CVE
added 2023/04/25 12:0 a.m.48 views

CVE-2023-23838

CVE-2023-23838 affects SolarWinds Database Performance Analyzer (DPA) up to version 2022.3 and earlier, described as a directory traversal and file enumeration vulnerability that could allow access to different folders on the server. Various sources corroborate the vulnerability in DPA (2023.1/ea...

6.5CVSS6.5AI score0.01272EPSS
CVE
CVE
added 2025/08/12 8:10 a.m.19 views

CVE-2025-26398

CVE-2025-26398 is documented as a vulnerability in SolarWinds Database Performance Analyzer where a hard-coded cryptographic key exists. According to the sources, exploitation could enable a local attacker with administrator privileges (and with access to the host where the additional software is...

6.4CVSS7AI score0.00169EPSS