52 matches found
CVE-2023-7314
Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Bandwidth Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
CVE-2023-7313
Nagios XI versions prior to 5.11.3 are vulnerable to cross-site scripting (XSS) via the Bulk Modifications tool. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...
PT-2025-44554
Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.11.3 Description: The software is susceptible to cross-site scripting (XSS) through the Graph Explorer component. Insufficient validation or escaping of user-supplied input could allow an attacker to inject and execu...
PT-2025-44490
Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.11.3 Description: Nagios XI is susceptible to a cross-site scripting (XSS) issue through the Bandwidth Report component. A lack of proper input validation or escaping could allow an attacker to inject and execute...
PT-2025-44486
Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.11.3 Description: The software is susceptible to cross-site scripting (XSS) and cross-site request forgery (CSRF) through the Hypermap Replay component. An attacker can submit crafted input that is not properly validat...
EUVD-2022-39585
Malicious code in bioql PyPI...
OPENSUSE-SU-2025:15055-1 weblate-5.11.3-1.1 on GA media
These are all security issues fixed in the weblate-5.11.3-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2023-48085
Nagios XI before version 5.11.3 was discovered to contain a remote code execution (RCE) vulnerability via the component commandtest.php...
CVE-2023-48084
Nagios XI before version 5.11.3 was discovered to contain a SQL injection vulnerability via the bulk modification tool...
SQL injection
Nagios XI before version 5.11.3 was discovered to contain a SQL injection vulnerability via the bulk modification tool...
Remote code execution
Nagios XI before version 5.11.3 was discovered to contain a remote code execution (RCE) vulnerability via the component commandtest.php...
Vulnerabilities fixed in Nagios XI
Vulnerabilities have been fixed in Nagios XI. A malicious party can exploit the vulnerabilities to launch a cross-site scripting attack. Such an attack could lead to execution of arbitrary code in the victim's browser, or possibly access to sensitive data in the context of the victim's...
Rocky Linux 8 : qt5 (RLSA-2020:1665)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1665 advisory. - An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp. CVE-2018-19869 - An issue was...
PT-2023-7771 · Nagios Xi · Nagios Xi
Name of the Vulnerable Software and Affected Versions: Nagios XI versions prior to 5.11.3 Description: The issue is related to a lack of neutralization of special elements in the command test.php script of the Core Config Manager component in Nagios XI, allowing for remote code execution. This...
Oracle Linux 8 : qt5-qtbase (ELSA-2019-3390)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3390 advisory. qt5-qtbase 5.11-1-7 - Move libQt5EglFSDeviceIntegration lib out of the -devel subpkg Resolves: bz1692970 - Fix QImage allocation failure Resolve:...
SUSE CVE-2018-19869
An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp...
SUSE CVE-2018-19870
An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault...