Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios nagios vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-2162
Buffer overflow in CGI scripts in Nagios 1.x prior to 1.4 and 2.x prior to 2.3 allows remote malicious users to execute arbitrary code via a negative content length (Content-Length) HTTP header.
Nagios Nagios
NA
CVE-2007-5624
Cross-site scripting (XSS) vulnerability in Nagios 2.x prior to 2.10 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts.
Nagios Nagios
6.1
CVSSv3
CVE-2016-6209
Cross-site scripting (XSS) vulnerability in Nagios.
Nagios Nagios -
NA
CVE-2014-4701
The check_dhcp plugin in Nagios Plugins prior to 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4702.
Nagios Nagios
NA
CVE-2014-4702
The check_icmp plugin in Nagios Plugins prior to 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701.
Nagios Nagios
6.3
CVSSv3
CVE-2017-12847
Nagios Core prior to 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "ki...
Nagios Nagios
NA
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) prior to 2.14 might allow remote malicious users to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Opensuse Opensuse 11.4
Nagios Remote Plug In Executor 2.8.1
Nagios Remote Plug In Executor 2.8
Nagios Remote Plug In Executor 2.5
Nagios Remote Plug In Executor 2.4
Nagios Remote Plug In Executor 2.0b1
Nagios Remote Plug In Executor 1.8
Nagios Remote Plug In Executor 2.10
Nagios Remote Plug In Executor 2.9
Nagios Remote Plug In Executor 2.5.2
Nagios Remote Plug In Executor 2.5.1
Nagios Remote Plug In Executor 2.0b3
Nagios Remote Plug In Executor 2.0b2
Nagios Remote Plug In Executor 1.3
Nagios Remote Plug In Executor
Nagios Remote Plug In Executor 2.8b1
Nagios Remote Plug In Executor 2.7.1
Nagios Remote Plug In Executor 2.3
Nagios Remote Plug In Executor 2.0
Nagios Remote Plug In Executor 1.7
1 EDB exploit
6.5
CVSSv3
CVE-2022-29269
In Nagios XI up to and including 5.8.5, in the schedule report function, an authenticated attacker is able to inject HTML tags that lead to the reformatting/editing of emails from an official email address.
Nagios Nagios Xi
4.3
CVSSv3
CVE-2022-29270
In Nagios XI up to and including 5.8.5, it is possible for a user without password verification to change his e-mail address.
Nagios Nagios Xi
6.5
CVSSv3
CVE-2022-29271
In Nagios XI up to and including 5.8.5, a read-only Nagios user (due to an incorrect permission check) is able to schedule downtime for any host/services. This allows an malicious user to permanently disable all monitoring checks.
Nagios Nagios Xi
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »