Search CVE reports

Toggle filters

1 – 10 of 65 results

CVE-2023-38350

Medium priority
Ignored

PNP4Nagios through 81ebfc5 has stored XSS in the AJAX controller via the basket API and filters. This affects 0.6.26.

1 affected package

pnp4nagios

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pnp4nagios Not in release Not in release Ignored
Show less packages

CVE-2023-38349

Medium priority
Ignored

PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX controller. This affects 0.6.26.

1 affected package

pnp4nagios

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
pnp4nagios Not in release Not in release Ignored
Show less packages

CVE-2022-38254

Medium priority
Needs evaluation

Nagios XI before v5.8.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the ajax.php script in CCM 3.1.5.

3 affected packages

nagios4, icinga, nagios3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
nagios4 Needs evaluation Needs evaluation Needs evaluation Not in release
icinga Not in release Not in release Needs evaluation
nagios3 Not in release Not in release Needs evaluation
Show less packages

CVE-2022-38251

Medium priority
Needs evaluation

Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel.

3 affected packages

nagios4, icinga, nagios3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
nagios4 Needs evaluation Needs evaluation Needs evaluation Not in release
icinga Not in release Not in release Needs evaluation
nagios3 Not in release Not in release Needs evaluation
Show less packages

CVE-2022-38250

Medium priority
Needs evaluation

Nagios XI v5.8.6 was discovered to contain a SQL injection vulnerability via the mib_name parameter at the Manage MIBs page.

3 affected packages

nagios4, icinga, nagios3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
nagios4 Needs evaluation Needs evaluation Needs evaluation Not in release
icinga Not in release Not in release Needs evaluation
nagios3 Not in release Not in release Needs evaluation
Show less packages

CVE-2022-38249

Medium priority
Needs evaluation

Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the MTR component in version 1.0.4.

3 affected packages

nagios4, icinga, nagios3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
nagios4 Needs evaluation Needs evaluation Needs evaluation Not in release
icinga Not in release Not in release Needs evaluation
nagios3 Not in release Not in release Needs evaluation
Show less packages

CVE-2022-38248

Medium priority
Needs evaluation

Nagios XI before v5.8.7 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at auditlog.php.

3 affected packages

nagios4, icinga, nagios3

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
nagios4 Needs evaluation Needs evaluation Needs evaluation Not in release
icinga Not in release Not in release Needs evaluation
nagios3 Not in release Not in release Needs evaluation
Show less packages

CVE-2022-38247

Medium priority
Needs evaluation

Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Settings page under the Admin panel.

3 affected packages

nagios4, nagios3, icinga

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
nagios4 Needs evaluation Needs evaluation Needs evaluation Not in release
nagios3 Not in release Not in release Needs evaluation
icinga Not in release Not in release Needs evaluation
Show less packages

CVE-2020-6582

Low priority
Vulnerable

Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call.

1 affected package

nagios-nrpe

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
nagios-nrpe Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2020-6581

Low priority
Vulnerable

Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). This can cause command injection.

1 affected package

nagios-nrpe

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
nagios-nrpe Not affected Not affected Not affected Vulnerable
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page
Export to JSON