Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntop ntop - vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2015-8368
ntopng (aka ntop) prior to 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.
Ntop Ntopng
1 EDB exploit
383
VMScore
CVE-2017-7416
ntopng prior to 3.0 allows XSS because GET and POST parameters are improperly validated.
Ntop Ntopng
445
VMScore
CVE-2017-7458
The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng prior to 3.0 allows remote malicious users to cause a denial of service (NULL pointer dereference and application crash) via an empty field that should have contained a hostname or IP address.
Ntop Ntopng
445
VMScore
CVE-2017-7459
ntopng prior to 3.0 allows HTTP Response Splitting.
Ntop Ntopng
570
VMScore
CVE-2020-15473
In nDPI up to and including 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c.
Ntop Ndpi
685
VMScore
CVE-2017-5473
Cross-site request forgery (CSRF) vulnerability in ntopng up to and including 2.4 allows remote malicious users to hijack the authentication of arbitrary users, as demonstrated by admin/add_user.lua, admin/change_user_prefs.lua, admin/delete_user.lua, and admin/password_reset.lua...
Ntop Ntopng
1 EDB exploit
409
VMScore
CVE-2005-3387
The startup script in packages/RedHat/ntop.init in ntop prior to 3.2, when ntop.conf is writable by users besides root, creates temporary files insecurely, which allows remote malicious users to execute arbitrary code.
Luca Deri Ntop
605
VMScore
CVE-2021-36082
ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello.
Ntop Ndpi 3.4
383
VMScore
CVE-2014-4329
Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ntopng 1.1 allows remote malicious users to inject arbitrary web script or HTML via the host parameter.
Ntop Ntopng 1.1
505
VMScore
CVE-2000-0705
ntop running in web mode allows remote malicious users to read arbitrary files via a .. (dot dot) attack.
Luca Deri Ntop 1.2a7 9
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »