Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntop ntop vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2020-15475
In nDPI up to and including 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization, leading to a use-after-free.
Ntop Ndpi
685
VMScore
CVE-2018-12520
An issue exists in ntopng 3.4 prior to 3.4.180617. The PRNG involved in the generation of session IDs is not seeded at program startup. This results in deterministic session IDs being allocated for active user sessions. An attacker with foreknowledge of the operating system and s...
Ntop Ntopng
1 EDB exploit
383
VMScore
CVE-2017-7416
ntopng prior to 3.0 allows XSS because GET and POST parameters are improperly validated.
Ntop Ntopng
445
VMScore
CVE-2017-7458
The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng prior to 3.0 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address.
Ntop Ntopng
445
VMScore
CVE-2017-7459
ntopng prior to 3.0 allows HTTP Response Splitting.
Ntop Ntopng
685
VMScore
CVE-2017-5473
Cross-site request forgery (CSRF) vulnerability in ntopng up to and including 2.4 allows remote malicious users to hijack the authentication of arbitrary users, as demonstrated by admin/add_user.lua, admin/change_user_prefs.lua, admin/delete_user.lua, and admin/password_reset.lua...
Ntop Ntopng
1 EDB exploit
605
VMScore
CVE-2021-36082
ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello.
Ntop Ndpi 3.4
409
VMScore
CVE-2005-3387
The startup script in packages/RedHat/ntop.init in ntop prior to 3.2, when ntop.conf is writable by users besides root, creates temporary files insecurely, which allows remote malicious users to execute arbitrary code.
Luca Deri Ntop
383
VMScore
CVE-2014-4329
Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ntopng 1.1 allows remote malicious users to inject arbitrary web script or HTML via the host parameter.
Ntop Ntopng 1.1
668
VMScore
CVE-2002-0412
Format string vulnerability in TraceEvent function for ntop prior to 2.1 allows remote malicious users to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3)...
Luca Deri Ntop 2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »