Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ntop ntop - vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-11940
In nDPI up to and including 3.2 Stable, an out-of-bounds read in concat_hash_string in ssh.c can be exploited by a network-positioned attacker that can send malformed SSH protocol messages on a network segment monitored by nDPI's library.
Ntop Ndpi
6.4
CVSSv2
CVE-2020-15471
In nDPI up to and including 3.2, the packet parsing code is vulnerable to a heap-based buffer over-read in ndpi_parse_packet_line_info in lib/ndpi_main.c.
Ntop Ndpi
7.5
CVSSv2
CVE-2020-15475
In nDPI up to and including 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization, leading to a use-after-free.
Ntop Ndpi
6.4
CVSSv2
CVE-2020-15473
In nDPI up to and including 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c.
Ntop Ndpi
7.5
CVSSv2
CVE-2020-15474
In nDPI up to and including 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c.
Ntop Ndpi
6
CVSSv2
CVE-2015-8368
ntopng (aka ntop) prior to 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and username parameter to admin/password_reset.lua.
Ntop Ntopng
1 EDB exploit
4.3
CVSSv2
CVE-2014-4329
Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ntopng 1.1 allows remote malicious users to inject arbitrary web script or HTML via the host parameter.
Ntop Ntopng 1.1
4.6
CVSSv2
CVE-2005-3387
The startup script in packages/RedHat/ntop.init in ntop prior to 3.2, when ntop.conf is writable by users besides root, creates temporary files insecurely, which allows remote malicious users to execute arbitrary code.
Luca Deri Ntop
6.8
CVSSv2
CVE-2021-36082
ntop nDPI 3.4 has a stack-based buffer overflow in processClientServerHello.
Ntop Ndpi 3.4
5
CVSSv2
CVE-2000-0705
ntop running in web mode allows remote malicious users to read arbitrary files via a .. (dot dot) attack.
Luca Deri Ntop 1.2a7 9
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »