Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
Vulnerabilities for
'Nagios core'
2020-12-23
CVE-2020-35269
CWE-352
There is a Cross Site Request Forgery (CSRF) vulnerability in Nagios Core 4.2.4.
2018-12-17
CVE-2018-18245
CWE-79
Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.
2018-07-12
CVE-2018-13458
CWE-476
qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
CVE-2018-13457
CWE-476
qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
2017-09-11
CVE-2017-14312
CWE-269
Nagios Core through 4.3.4 initially executes /usr/sbin/nagios as root but supports configuration options in which this file is owned by a non-root account (and similarly can have nagios.cfg owned by a non-root account), which allows local users to gain privileges by leveraging access to this non-root account.
>>>
Vendor:
Nagios
11
Products
Nagios
Plugins
Fusion
Remote plug in executor
Nagstamon
Nagios xi
Remote plugin executor
Nagios core
Incident manager
Log server
Network analyzer
Copyright
2024
, cxsecurity.com
Back to Top