Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
centreon centreon 19.10 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2020-9463
Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request.
Centreon Centreon 19.10
8.8
CVSSv3
CVE-2020-22425
Centreon 19.10-3.el7 is affected by a SQL injection vulnerability, where an authorized user is able to inject additional SQL queries to perform remote command execution.
Centreon Centreon 19.10
7.5
CVSSv3
CVE-2019-17643
An issue exists in Centreon prior to 2.8-30,18.10-8, 19.04-5, and 19.10-2. It provides sensitive information via an unauthenticated direct request for include/monitoring/recurrentDowntime/GetXMLHost4Services.php.
Centreon Centreon
7.8
CVSSv3
CVE-2019-20327
Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software up to and including 19.10 allow local malicious users to gain privileges. (cwrapper_perl is a setuid executable allowing execution of Perl scripts with root privileges.)
Centreon Centreon
7.5
CVSSv3
CVE-2019-17644
An issue exists in Centreon prior to 2.8-30, 18.10-8, 19.04-5, and 19.10-2.. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/host/refreshMacroAjax.php.
Centreon Centreon
7.2
CVSSv3
CVE-2019-16405
Centreon Web prior to 2.8.30, 18.10.x prior to 18.10.8, 19.04.x prior to 19.04.5 and 19.10.x prior to 19.10.2 allows Remote Code Execution by an administrator who can modify Macro Expression location settings. CVE-2019-16405 and CVE-2019-17501 are similar to one another and may b...
Centreon Centreon Web
7.2
CVSSv3
CVE-2019-19699
There is Authenticated remote code execution in Centreon Infrastructure Monitoring Software up to and including 19.10 via Pollers misconfiguration, leading to system compromise via apache crontab misconfiguration, This allows the apache user to modify an executable file executed ...
Centreon Centreon
3 Github repositories
8.8
CVSSv3
CVE-2019-17017
Due to a missing case handling object types, a type confusion vulnerability could occur, resulting in a crash. We presume that with enough effort that it could be exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.4 and Firefox < 72.
Mozilla Firefox
Mozilla Firefox Esr
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.04
Canonical Ubuntu Linux 19.10
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Redhat Enterprise Linux Desktop 6.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Server 6.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Workstation 6.0
Redhat Enterprise Linux Workstation 7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started