Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nagios vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2014-4702
The check_icmp plugin in Nagios Plugins prior to 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701.
Nagios Nagios
4.3
CVSSv2
CVE-2007-5624
Cross-site scripting (XSS) vulnerability in Nagios 2.x prior to 2.10 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts.
Nagios Nagios
7.5
CVSSv2
CVE-2016-0726
The Fedora Nagios package uses "nagiosadmin" as the default password for the "nagiosadmin" administrator account, which makes it easier for remote malicious users to obtain access by leveraging knowledge of the credentials.
Nagios Nagios -
4.3
CVSSv2
CVE-2016-6209
Cross-site scripting (XSS) vulnerability in Nagios.
Nagios Nagios -
5
CVSSv2
CVE-2006-2162
Buffer overflow in CGI scripts in Nagios 1.x prior to 1.4 and 2.x prior to 2.3 allows remote malicious users to execute arbitrary code via a negative content length (Content-Length) HTTP header.
Nagios Nagios
6.3
CVSSv2
CVE-2017-12847
Nagios Core prior to 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a "ki...
Nagios Nagios
7.5
CVSSv2
CVE-2013-1362
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) prior to 2.14 might allow remote malicious users to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.
Opensuse Opensuse 12.1
Opensuse Opensuse 12.2
Opensuse Opensuse 11.4
Nagios Remote Plug In Executor 2.8.1
Nagios Remote Plug In Executor 2.8
Nagios Remote Plug In Executor 2.5
Nagios Remote Plug In Executor 2.4
Nagios Remote Plug In Executor 2.0b1
Nagios Remote Plug In Executor 1.8
Nagios Remote Plug In Executor 2.10
Nagios Remote Plug In Executor 2.9
Nagios Remote Plug In Executor 2.5.2
Nagios Remote Plug In Executor 2.5.1
Nagios Remote Plug In Executor 2.0b3
Nagios Remote Plug In Executor 2.0b2
Nagios Remote Plug In Executor 1.3
Nagios Remote Plug In Executor
Nagios Remote Plug In Executor 2.8b1
Nagios Remote Plug In Executor 2.7.1
Nagios Remote Plug In Executor 2.3
Nagios Remote Plug In Executor 2.0
Nagios Remote Plug In Executor 1.7
1 EDB exploit
10
CVSSv2
CVE-2020-28910
Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and previous versions allows for Privilege Escalation via creation of symlinks, which are mishandled in getprofile.sh.
Nagios Nagios Xi
6.5
CVSSv2
CVE-2018-10737
A SQL injection issue exists in Nagios XI prior to 5.4.13 via the admin/logbook.php txtSearch parameter.
Nagios Nagios Xi
6.5
CVSSv2
CVE-2019-9164
Command injection in Nagios XI prior to 5.5.11 allows an authenticated users to execute arbitrary remote commands via a new autodiscovery job.
Nagios Nagios Xi
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »