Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios nagios core vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2018-13458
qh_core in Nagios Core 4.4.1 and previous versions is prone to a NULL pointer dereference vulnerability, which allows malicious users to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
Nagios Nagios Core
1 EDB exploit
7.2
CVSSv2
CVE-2017-14312
Nagios Core up to and including 4.3.4 initially executes /usr/sbin/nagios as root but supports configuration options in which this file is owned by a non-root account (and similarly can have nagios.cfg owned by a non-root account), which allows local users to gain privileges by l...
Nagios Nagios Core
4.3
CVSSv2
CVE-2018-13457
qh_echo in Nagios Core 4.4.1 and previous versions is prone to a NULL pointer dereference vulnerability, which allows malicious users to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
Nagios Nagios Core
1 EDB exploit
6.8
CVSSv2
CVE-2020-35269
Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross-Site Request Forgery (CSRF) in many functions, like adding – deleting for hosts or servers.
Nagios Nagios Core 4.2.4
3.5
CVSSv2
CVE-2018-18245
Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.
Nagios Nagios Core 4.4.2
Debian Debian Linux 8.0
6.4
CVSSv2
CVE-2013-7205
Off-by-one error in the process_cgivars function in contrib/daemonchk.c in Nagios Core 3.5.1, 4.0.2, and previous versions allows remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a long string in the last key ...
Nagios Nagios 3.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.4
Nagios Nagios 3.2.2
Nagios Nagios 3.2.3
Nagios Nagios 3.0.5
Nagios Nagios 3.0.6
Nagios Nagios 3.3.1
Nagios Nagios 3.4.0
Nagios Nagios
Nagios Nagios 3.0.1
Nagios Nagios 3.0.2
Nagios Nagios 3.2.0
Nagios Nagios 3.2.1
Nagios Nagios 3.4.3
Nagios Nagios 3.5.1
Nagios Nagios 3.1.0
Nagios Nagios 3.1.1
Nagios Nagios 3.1.2
Nagios Nagios 3.4.1
Nagios Nagios 3.4.2
7.5
CVSSv2
CVE-2013-6875
SQL injection vulnerability in functions/prepend_adm.php in Nagios Core Config Manager in Nagios XI prior to 2012R2.4 allows remote malicious users to execute arbitrary SQL commands via the tfPassword parameter to nagiosql/index.php.
Nagios Nagios Xi 2012r2.1
Nagios Nagios Xi 2012r1.9
Nagios Nagios Xi 2012r1.2
Nagios Nagios Xi 2012r1.0
Nagios Nagios Xi
Nagios Nagios Xi 2012r2.2
Nagios Nagios Xi 2012
Nagios Nagios Xi 2012r1.7
Nagios Nagios Xi 2012r1.6
Nagios Nagios Xi 2012r1.5
Nagios Nagios Xi 2012r1.4
Nagios Nagios Xi 2012r2.0
Nagios Nagios Xi 2012r1.8
Nagios Nagios Xi 2012r1.3
Nagios Nagios Xi 2012r1.1
1 EDB exploit
7.5
CVSSv2
CVE-2012-6096
Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core prior to 3.4.4, and Icinga 1.6.x prior to 1.6.2, 1.7.x prior to 1.7.4, and 1.8.x prior to 1.8.4, might allow remote malicious users to execute arbitrary code via a long (1) host_name v...
Nagios Nagios 3.2.3
Nagios Nagios 3.2.2
Nagios Nagios 3.0.5
Nagios Nagios 3.0.4
Nagios Nagios 3.4.0
Nagios Nagios 3.0
Nagios Nagios 3.3.1
Nagios Nagios 3.1.0
Nagios Nagios 3.0.6
Nagios Nagios 3.4.2
Nagios Nagios 3.4.1
Nagios Nagios 3.1.2
Nagios Nagios 3.1.1
Nagios Nagios 3.0.1
Nagios Nagios
Nagios Nagios 3.2.1
Nagios Nagios 3.2.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.2
Icinga Icinga 1.7.2
Icinga Icinga 1.7.1
Icinga Icinga 1.6.0
2 EDB exploits
2.1
CVSSv2
CVE-2018-13441
qh_help in Nagios Core version 4.4.1 and previous versions is prone to a NULL pointer dereference vulnerability, which allows malicious user to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
Nagios Nagios
1 EDB exploit
5.5
CVSSv2
CVE-2013-7108
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and previous versions, and Icinga prior to 1.8.5, 1.9 prior to 1.9.4, and 1.10 prior to 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a l...
Nagios Nagios 3.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.4
Nagios Nagios 3.2.1
Nagios Nagios 3.2.2
Nagios Nagios 3.2.3
Nagios Nagios
Nagios Nagios 3.0.1
Nagios Nagios 3.0.2
Nagios Nagios 3.1.2
Nagios Nagios 3.2.0
Nagios Nagios 3.4.3
Nagios Nagios 3.5.1
Nagios Nagios 3.1.0
Nagios Nagios 3.1.1
Nagios Nagios 3.4.1
Nagios Nagios 3.4.2
Nagios Nagios 3.0.5
Nagios Nagios 3.0.6
Nagios Nagios 3.3.1
Nagios Nagios 3.4.0
Icinga Icinga 1.9.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »