Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
collectd collectd vulnerabilities and exploits
(subscribe to this query)
9.1
CVSSv3
CVE-2024-1369
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting the username and password for collectd configurations. Exploitation of this v...
Github Enterprise Server
5.3
CVSSv3
CVE-2022-41717
An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the s...
Golang Go
Golang Http2
Fedoraproject Fedora 37
Fedoraproject Fedora 38
1 Github repository
7.5
CVSSv3
CVE-2022-30631
Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17.12 and Go 1.18.4 allows an malicious user to cause a panic due to stack exhaustion via an archive containing a large number of concatenated 0-length compressed files.
Golang Go
7.2
CVSSv3
CVE-2019-10669
An issue exists in LibreNMS up to and including 1.47. There is a command injection vulnerability in html/includes/graphs/device/collectd.inc.php where user supplied parameters are filtered with the mysqli_escape_real_string function. This function is not the appropriate function ...
Librenms Librenms
1 EDB exploit
5.5
CVSSv3
CVE-2017-18240
The Gentoo app-admin/collectd package prior to 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL ...
Collectd Collectd
Collectd Collectd 5.7.2
9.1
CVSSv3
CVE-2016-6254
Heap-based buffer overflow in the parse_packet function in network.c in collectd prior to 5.4.3 and 5.x prior to 5.5.2 allows remote malicious users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.
Debian Debian Linux 8.0
Collectd Collectd
Fedoraproject Fedora 24
Fedoraproject Fedora 23
NA
CVE-2010-4336
The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x prior to 4.9.4 and prior to 4.10.2 allow remote malicious users to cause a denial of service (assertion failure) via a packet with a timestamp whose value is 10 or less, as demonstrated by creating RRD files ...
Collectd Collectd 4.0.6
Collectd Collectd 4.0.7
Collectd Collectd 4.8.5
Collectd Collectd 4.8.4
Collectd Collectd 4.7.3
Collectd Collectd 4.7.2
Collectd Collectd 4.6.1
Collectd Collectd 4.6.0
Collectd Collectd 4.4.3
Collectd Collectd 4.4.2
Collectd Collectd 4.3.0
Collectd Collectd 4.2.7
Collectd Collectd 4.2.0
Collectd Collectd 4.1.6
Collectd Collectd 4.0.4
Collectd Collectd 4.0.5
Collectd Collectd 4.9.2
Collectd Collectd 4.9.1
Collectd Collectd 4.9.0
Collectd Collectd 4.7.5
Collectd Collectd 4.7.4
Collectd Collectd 4.6.3
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started