cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-28991,https://securityvulnerability.io/vulnerability/CVE-2024-28991,Remote Code Execution Vulnerability Affects SolarWinds ARM,"The SolarWinds Access Rights Manager (ARM) has a vulnerability that enables remote code execution when an authenticated user manipulates the service. This flaw allows potential abuse that could lead to the execution of arbitrary code on the server. Organizations using this version of ARM should take immediate action to mitigate risks associated with this vulnerability, which can have serious implications for data integrity and system security.",Solarwinds,Access Rights Manager,8.8,HIGH,0.0013800000306218863,false,,true,false,true,2024-09-16T00:00:00.000Z,,true,false,,2024-09-12T13:17:30.721Z,4416
CVE-2024-28987,https://securityvulnerability.io/vulnerability/CVE-2024-28987,Unauthenticated Access to Internal Functionality and Data via Hardcoded Credentials,"The SolarWinds Web Help Desk software is susceptible to a hardcoded credential vulnerability that enables remote unauthenticated users to gain unauthorized access to the system's internal functionalities. This security flaw allows attackers to manipulate and modify critical data, potentially leading to severe implications for organizations relying on this software for managing their help desk services. Immediate attention to this vulnerability is essential in order to safeguard sensitive information and maintain operational integrity.",Solarwinds,Web Help Desk,9.1,CRITICAL,0.961929976940155,true,2024-10-15T00:00:00.000Z,true,false,true,2024-08-22T16:01:41.000Z,true,true,false,,2024-08-21T22:15:00.000Z,4932
CVE-2024-28986,https://securityvulnerability.io/vulnerability/CVE-2024-28986,SolarWinds Web Help Desk Vulnerable to Remote Code Execution,"CVE-2024-28986 is a critical vulnerability in SolarWinds Web Help Desk, allowing attackers to run commands on the host machine. It is a Java deserialization vulnerability affecting versions 12.4 through 12.8 of the software. SolarWinds has released a patch (version 12.8.3) and a hotfix (Web Help Desk 12.8.3 Hotfix 1) that customers are urged to install immediately. The Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability to its Known Exploited Vulnerabilities catalog, indicating active interest from threat actors. The exploitation of this vulnerability can have severe impacts, and organizations are advised to follow SolarWinds' instructions for installing the patch and hotfix as a matter of urgency.",Solarwinds,Web Help Desk,9.8,CRITICAL,0.026179999113082886,true,2024-08-15T00:00:00.000Z,true,false,true,2024-08-15T00:00:00.000Z,,false,false,,2024-08-13T23:15:00.000Z,0
CVE-2024-28999,https://securityvulnerability.io/vulnerability/CVE-2024-28999,SolarWinds Platform Affected by Race Condition Vulnerability,"A race condition vulnerability has been identified in the web console of the SolarWinds Platform, allowing an attacker to exploit timing issues in the execution of code. This may lead to unauthorized access or manipulation of sensitive information. Patching and updating to the latest version is essential for maintaining system integrity and security. Users are strongly advised to implement the recommended mitigation strategies to protect their installations.",Solarwinds,Solarwinds Platform,8.1,HIGH,0.020339999347925186,false,,false,false,true,2024-06-22T22:39:56.000Z,true,false,false,,2024-06-04T14:51:56.682Z,0
CVE-2024-28995,https://securityvulnerability.io/vulnerability/CVE-2024-28995,SolarWinds Serv-U Vulnerable to Directory Transversal Attack,"A directory traversal vulnerability exists in SolarWinds Serv-U that enables an attacker to exploit the software's file access controls. By manipulating file paths, unauthorized users may gain access to sensitive files located on the host machine, which could lead to information disclosure and potential further exploitation of the system. It is essential for users of the affected products to apply the latest security updates to mitigate the risks associated with this vulnerability.",Solarwinds,Solarwinds Serv-u,7.5,HIGH,0.9649999737739563,true,2024-07-17T00:00:00.000Z,true,true,true,2024-06-07T17:52:43.000Z,true,true,false,,2024-06-06T09:01:23.314Z,8346