Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
icinga icinga vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2008-4796
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and previous versions, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote malicious users to execute arbitrary commands vi...
Snoopy Project Snoopy
Debian Debian Linux 4.0
Debian Debian Linux 5.0
Nagios Nagios
Wordpress Wordpress
760
VMScore
CVE-2012-6096
Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core prior to 3.4.4, and Icinga 1.6.x prior to 1.6.2, 1.7.x prior to 1.7.4, and 1.8.x prior to 1.8.4, might allow remote malicious users to execute arbitrary code via a long (1) host_name v...
Nagios Nagios 3.2.3
Nagios Nagios 3.2.2
Nagios Nagios 3.0.5
Nagios Nagios 3.0.4
Nagios Nagios 3.4.0
Nagios Nagios 3.0
Nagios Nagios 3.3.1
Nagios Nagios 3.1.0
Nagios Nagios 3.0.6
Nagios Nagios 3.4.2
Nagios Nagios 3.4.1
Nagios Nagios 3.1.2
Nagios Nagios 3.1.1
Nagios Nagios 3.0.1
Nagios Nagios
Nagios Nagios 3.2.1
Nagios Nagios 3.2.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.2
Icinga Icinga 1.7.2
Icinga Icinga 1.7.1
Icinga Icinga 1.6.0
2 EDB exploits
668
VMScore
CVE-2018-18249
Icinga Web 2 prior to 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=${PATH}_${APACHE_RUN_DIR}_${APACHE_RUN_USER} parameter to /icingaweb2/navigation/add or /icingawe...
Icinga Icinga Web 2
668
VMScore
CVE-2012-3441
The database creation script (module/idoutils/db/scripts/create_mysqldb.sh) in Icinga 1.7.1 grants access to all databases to the icinga user, which allows icinga users to access other databases via unspecified vectors.
Icinga Icinga 1.7.1
641
VMScore
CVE-2018-6533
An issue exists in Icinga 2.x up to and including 2.8.1. By editing the init.conf file, Icinga 2 can be run as root. Following this the program can be used to run arbitrary code as root. This was fixed by no longer using init.conf to determine account information for any root-exe...
Icinga Icinga
614
VMScore
CVE-2017-16933
etc/initsystem/prepare-dirs in Icinga 2.x up to and including 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain privileges by leveraging access to the $ICINGA2_USER account for creation of a link.
Icinga Icinga
606
VMScore
CVE-2022-24715
Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved ...
Icinga Icinga Web 2
1 EDB exploit
2 Github repositories
605
VMScore
CVE-2013-7107
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in Icinga 1.8.5, 1.9.4, 1.10.2, and previous versions allows remote malicious users to hijack the authentication of users for unspecified commands via unspecified vectors, as demonstrated by bypassing authentication requi...
Icinga Icinga
Icinga Icinga 1.10.0
Icinga Icinga 1.10.1
Icinga Icinga 1.0.1
Icinga Icinga 1.0.2
Icinga Icinga 1.4.1
Icinga Icinga 1.6.0
Icinga Icinga 1.7.4
Icinga Icinga 1.8.0
Icinga Icinga 1.9.4
Icinga Icinga 1.8.5
Icinga Icinga 0.8.0
Icinga Icinga 0.8.1
Icinga Icinga 1.0.3
Icinga Icinga 1.2.0
Icinga Icinga 1.6.1
Icinga Icinga 1.6.2
Icinga Icinga 1.8.1
Icinga Icinga 1.8.2
Icinga Icinga 1.9.0
Icinga Icinga 1.9.1
Icinga Icinga 0.8.2
578
VMScore
CVE-2021-32743
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. In versions before 2.11.10 and from version 2.12.0 through version 2.12.4, some of the Icinga 2 features that require credent...
Icinga Icinga
Debian Debian Linux 9.0
578
VMScore
CVE-2021-32739
Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. From version 2.4.0 through version 2.12.4, a vulnerability exists that may allow privilege escalation for authenticated API u...
Icinga Icinga
Debian Debian Linux 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »