Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-1360
Cross-site scripting (XSS) vulnerability in Nagios prior to 2.11 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts, a different issue than CVE-2007-5624.
Nagios Nagios 2.3
Nagios Nagios 2.3.1
Nagios Nagios 2.9
Nagios Nagios 2.7
Nagios Nagios 2.8
Nagios Nagios 2.10
Nagios Nagios 2.2
NA
CVE-2012-6096
Multiple stack-based buffer overflows in the get_history function in history.cgi in Nagios Core prior to 3.4.4, and Icinga 1.6.x prior to 1.6.2, 1.7.x prior to 1.7.4, and 1.8.x prior to 1.8.4, might allow remote malicious users to execute arbitrary code via a long (1) host_name v...
Nagios Nagios 3.2.3
Nagios Nagios 3.2.2
Nagios Nagios 3.0.5
Nagios Nagios 3.0.4
Nagios Nagios 3.4.0
Nagios Nagios 3.0
Nagios Nagios 3.3.1
Nagios Nagios 3.1.0
Nagios Nagios 3.0.6
Nagios Nagios 3.4.2
Nagios Nagios 3.4.1
Nagios Nagios 3.1.2
Nagios Nagios 3.1.1
Nagios Nagios 3.0.1
Nagios Nagios
Nagios Nagios 3.2.1
Nagios Nagios 3.2.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.2
Icinga Icinga 1.7.2
Icinga Icinga 1.7.1
Icinga Icinga 1.6.0
2 EDB exploits
NA
CVE-2002-1959
Nagios 1.0b1 up to and including 1.0b3 allows remote malicious users to execute arbitrary commands via shell metacharacters in plugin output.
Nagios Nagios 1.0 B2
Nagios Nagios 1.0 B3
Nagios Nagios 1.0 B1
NA
CVE-2013-7108
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and previous versions, and Icinga prior to 1.8.5, 1.9 prior to 1.9.4, and 1.10 prior to 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service (crash) via a l...
Nagios Nagios 3.0
Nagios Nagios 3.0.3
Nagios Nagios 3.0.4
Nagios Nagios 3.2.1
Nagios Nagios 3.2.2
Nagios Nagios 3.2.3
Nagios Nagios
Nagios Nagios 3.0.1
Nagios Nagios 3.0.2
Nagios Nagios 3.1.2
Nagios Nagios 3.2.0
Nagios Nagios 3.4.3
Nagios Nagios 3.5.1
Nagios Nagios 3.1.0
Nagios Nagios 3.1.1
Nagios Nagios 3.4.1
Nagios Nagios 3.4.2
Nagios Nagios 3.0.5
Nagios Nagios 3.0.6
Nagios Nagios 3.3.1
Nagios Nagios 3.4.0
Icinga Icinga 1.9.0
1 EDB exploit
5.4
CVSSv3
CVE-2023-51072
A stored cross-site scripting (XSS) vulnerability in the NOC component of Nagios XI version up to and including 2024R1 allows low-privileged users to execute malicious HTML or JavaScript code via the audio file upload functionality from the Operation Center section. This allows a...
Nagios Nagios Xi
Nagios Nagios Xi 2024
8.8
CVSSv3
CVE-2020-28906
Incorrect File Permissions in Nagios XI 5.7.5 and previous versions and Nagios Fusion 4.1.8 and previous versions allows for Privilege Escalation to root. Low-privileged users are able to modify files that are included (aka sourced) by scripts executed by root.
Nagios Fusion
Nagios Nagios Xi
9.8
CVSSv3
CVE-2020-28900
Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and previous versions and Nagios XI 5.7.5 and previous versions allows for Escalation of Privileges or Code Execution as root via vectors related to an untrusted update package to upgrade_to_latest.sh.
Nagios Fusion
Nagios Nagios Xi
NA
CVE-2007-5624
Cross-site scripting (XSS) vulnerability in Nagios 2.x prior to 2.10 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts.
Nagios Nagios
NA
CVE-2006-2162
Buffer overflow in CGI scripts in Nagios 1.x prior to 1.4 and 2.x prior to 2.3 allows remote malicious users to execute arbitrary code via a negative content length (Content-Length) HTTP header.
Nagios Nagios
6.3
CVSSv3
CVE-2017-12847
Nagios Core prior to 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "ki...
Nagios Nagios
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »