Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icinga icinga vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 4.0
Debian Debian Linux 5.0
Nagios Nagios
Wordpress Wordpress
7.5
CVSSv2
CVE-2018-18249
Icinga Web 2 prior to 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=${PATH}_${APACHE_RUN_DIR}_${APACHE_RUN_USER} parameter to /icingaweb2/navigation/add or /icingawe...
Icinga Icinga Web 2
7.5
CVSSv2
CVE-2012-6096
Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core prior to 3.4.4, and Icinga 1.6.x prior to 1.6.2, 1.7.x prior to 1.7.4, and 1.8.x prior to 1.8.4, might allow remote malicious users to execute arbitrary code via a long (1) host_name v...
Nagios Nagios 3.2.3
Nagios Nagios 3.2.2
Nagios Nagios 3.0.5
Nagios Nagios 3.0.4
Nagios Nagios 3.4.0
Nagios Nagios 3.0
Nagios Nagios 3.3.1
Nagios Nagios 3.1.0
Nagios Nagios 3.0.6
Nagios Nagios 3.4.2
Nagios Nagios 3.4.1
Nagios Nagios 3.1.2
Nagios Nagios 3.1.1
Nagios Nagios 3.0.1
Nagios Nagios
Nagios Nagios 3.2.1
Nagios Nagios 3.2.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.2
Icinga Icinga 1.7.2
Icinga Icinga 1.7.1
Icinga Icinga 1.6.0
2 EDB exploits
7.5
CVSSv2
CVE-2012-3441
The database creation script (module/idoutils/db/scripts/create_mysqldb.sh) in Icinga 1.7.1 grants access to all databases to the icinga user, which allows icinga users to access other databases via unspecified vectors.
Icinga Icinga 1.7.1
7.2
CVSSv2
CVE-2018-6533
An issue exists in Icinga 2.x up to and including 2.8.1. By editing the init.conf file, Icinga 2 can be run as root. Following this the program can be used to run arbitrary code as root. This was fixed by no longer using init.conf to determine account information for any root-exe...
Icinga Icinga
6.9
CVSSv2
CVE-2017-16933
etc/initsystem/prepare-dirs in Icinga 2.x up to and including 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2_USER account for creation of a link.
Icinga Icinga
6.8
CVSSv2
CVE-2013-7107
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in Icinga 1.8.5, 1.9.4, 1.10.2, and previous versions allows remote malicious users to hijack the authentication of users for unspecified commands via unspecified vectors, as demonstrated by bypassing authentication requi...
Icinga Icinga
Icinga Icinga 1.10.0
Icinga Icinga 1.10.1
Icinga Icinga 1.0.1
Icinga Icinga 1.0.2
Icinga Icinga 1.4.1
Icinga Icinga 1.6.0
Icinga Icinga 1.7.4
Icinga Icinga 1.8.0
Icinga Icinga 1.9.4
Icinga Icinga 1.8.5
Icinga Icinga 0.8.0
Icinga Icinga 0.8.1
Icinga Icinga 1.0.3
Icinga Icinga 1.2.0
Icinga Icinga 1.6.1
Icinga Icinga 1.6.2
Icinga Icinga 1.8.1
Icinga Icinga 1.8.2
Icinga Icinga 1.9.0
Icinga Icinga 1.9.1
Icinga Icinga 0.8.2
6.5
CVSSv2
CVE-2021-32743
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions before 2.11.10 and from version 2.12.0 through version 2.12.4, some of the Icinga 2 features that require credent...
Icinga Icinga
Debian Debian Linux 9.0
6.5
CVSSv2
CVE-2021-32739
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. From version 2.4.0 through version 2.12.4, a vulnerability exists that may allow privilege escalation for authenticated API u...
Icinga Icinga
Debian Debian Linux 9.0
6.5
CVSSv2
CVE-2013-7106
Multiple stack-based buffer overflows in Icinga prior to 1.8.5, 1.9 prior to 1.9.4, and 1.10 prior to 1.10.2 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long string to the (1) display_nav_table, (2) page_limit_se...
Icinga Icinga 1.10.1
Icinga Icinga 0.8.0
Icinga Icinga 0.8.1
Icinga Icinga 0.8.2
Icinga Icinga 1.4.1
Icinga Icinga 1.6.0
Icinga Icinga 1.6.1
Icinga Icinga 1.6.2
Icinga Icinga 1.7.0
Icinga Icinga 1.9.1
Icinga Icinga 1.9.3
Icinga Icinga 0.8.4
Icinga Icinga 1.0
Icinga Icinga 1.2.1
Icinga Icinga 1.3.1
Icinga Icinga 1.7.1
Icinga Icinga 1.7.3
Icinga Icinga 1.9.0
Icinga Icinga 1.0.1
Icinga Icinga 1.0.2
Icinga Icinga 1.0.3
Icinga Icinga 1.2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »