Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2018-13441
qh_help in Nagios Core version 4.4.1 and previous versions is prone to a NULL pointer dereference vulnerability, which allows malicious user to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
Nagios Nagios
1 EDB exploit
4.3
CVSSv2
CVE-2016-6209
Cross-site scripting (XSS) vulnerability in Nagios.
Nagios Nagios -
5
CVSSv2
CVE-2006-2162
Buffer overflow in CGI scripts in Nagios 1.x prior to 1.4 and 2.x prior to 2.3 allows remote malicious users to execute arbitrary code via a negative content length (Content-Length) HTTP header.
Nagios Nagios
7.2
CVSSv2
CVE-2016-10089
Nagios 4.3.2 and previous versions allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641.
Nagios Nagios
6.3
CVSSv2
CVE-2017-12847
Nagios Core prior to 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "ki...
Nagios Nagios
2.1
CVSSv2
CVE-2014-4702
The check_icmp plugin in Nagios Plugins prior to 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701.
Nagios Nagios
7.5
CVSSv2
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) prior to 2.14 might allow remote malicious users to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Opensuse Opensuse 11.4
Nagios Remote Plug In Executor 2.8.1
Nagios Remote Plug In Executor 2.8
Nagios Remote Plug In Executor 2.5
Nagios Remote Plug In Executor 2.4
Nagios Remote Plug In Executor 2.0b1
Nagios Remote Plug In Executor 1.8
Nagios Remote Plug In Executor 2.10
Nagios Remote Plug In Executor 2.9
Nagios Remote Plug In Executor 2.5.2
Nagios Remote Plug In Executor 2.5.1
Nagios Remote Plug In Executor 2.0b3
Nagios Remote Plug In Executor 2.0b2
Nagios Remote Plug In Executor 1.3
Nagios Remote Plug In Executor
Nagios Remote Plug In Executor 2.8b1
Nagios Remote Plug In Executor 2.7.1
Nagios Remote Plug In Executor 2.3
Nagios Remote Plug In Executor 2.0
Nagios Remote Plug In Executor 1.7
1 EDB exploit
2.1
CVSSv2
CVE-2014-4703
lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.
Nagios Nagios 2.0.2
1 EDB exploit
4.3
CVSSv2
CVE-2018-20171
An issue exists in Nagios XI prior to 5.5.8. The url parameter of rss_dashlet/magpierss/scripts/magpie_simple.php is not filtered, resulting in an XSS vulnerability.
Nagios Nagios Xi
9
CVSSv2
CVE-2021-3273
Nagios XI below 5.7 is affected by code injection in the /nagiosxi/admin/graphtemplates.php component. To exploit this vulnerability, someone must have an admin user account in Nagios XI's web system.
Nagios Nagios Xi
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »