Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios nagios - vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2021-36365
Nagios XI prior to 5.8.5 has Incorrect Permission Assignment for repairmysql.sh.
Nagios Nagios Xi
356
VMScore
CVE-2020-6584
Nagios Log Server 2.1.3 has Incorrect Access Control.
Nagios Nagios 2.1.3
312
VMScore
CVE-2020-6586
Nagios Log Server 2.1.3 allows XSS by visiting /profile and entering a crafted name field that is mishandled on the /admin/users page. Any malicious user with limited access can store an XSS payload in his Name. When any admin views this, the XSS is triggered.
Nagios Nagios 2.1.3
940
VMScore
CVE-2020-35578
An issue exists in the Manage Plugins page in Nagios XI prior to 5.8.0. Because the line-ending conversion feature is mishandled during a plugin upload, a remote, authenticated admin user can execute operating-system commands.
Nagios Nagios Xi
1 Metasploit module
641
VMScore
CVE-2017-14312
Nagios Core up to and including 4.3.4 initially executes /usr/sbin/nagios as root but supports configuration options in which this file is owned by a non-root account (and similarly can have nagios.cfg owned by a non-root account), which allows local users to gain privileges by l...
Nagios Nagios Core
435
VMScore
CVE-2018-13457
qh_echo in Nagios Core 4.4.1 and previous versions is prone to a NULL pointer dereference vulnerability, which allows malicious users to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
Nagios Nagios Core
1 EDB exploit
435
VMScore
CVE-2018-13458
qh_core in Nagios Core 4.4.1 and previous versions is prone to a NULL pointer dereference vulnerability, which allows malicious users to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
Nagios Nagios Core
1 EDB exploit
578
VMScore
CVE-2021-33177
The Bulk Modifications functionality in Nagios XI versions before 5.8.5 is vulnerable to SQL injection. Exploitation requires the malicious actor to be authenticated to the vulnerable system, but once authenticated they would be able to execute arbitrary sql queries.
Nagios Nagios Xi
890
VMScore
CVE-2020-15903
An issue was found in Nagios XI prior to 5.7.3. There is a privilege escalation vulnerability in backend scripts that ran as root where some included files were editable by nagios user. This issue was fixed in version 5.7.3.
Nagios Nagios Xi
605
VMScore
CVE-2020-6585
Nagios Log Server 2.1.3 has CSRF.
Nagios Nagios 2.1.3
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »