CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

SUSE CVE•added 2023/02/15 5:33 a.m.•2 views

SUSE CVE-2013-7107

Cross-site request forgery CSRF vulnerability in cmd.cgi in Icinga 1.8.5, 1.9.4, 1.10.2, and earlier allows remote attackers to hijack the authentication of users for unspecified commands via unspecified vectors, as demonstrated by bypassing authentication requirements for CVE-2013-7106...

6.8CVSS7.4AI score0.01006EPSS

Exploits0References3

securityvulns•added 2014/06/14 12:0 a.m.•66 views

[SECURITY] [DSA 2956-1] icinga security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2956-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 11, 2014 http://www.debian.org/security/faq -...

6.8CVSS2.6AI score0.59546EPSS

Exploits1

Tenable Nessus•added 2014/06/13 12:0 a.m.•27 views

openSUSE Security Update : icinga (openSUSE-SU-2014:0269-1)

This update fixes the following security issue with icinga : - bnc859424: Fixed vulnerability against CSRF attacks CVE-2013-7107. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

6.8CVSS5.3AI score0.01006EPSS

Exploits0References3

Debian•added 2014/06/11 2:34 p.m.•27 views

[SECURITY] [DSA 2956-1] icinga security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2956-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 11, 2014 http://www.debian.org/security/faq -...

6.8CVSS8.6AI score0.59546EPSS

Exploits1

UbuntuCve•added 2014/01/15 4:8 p.m.•28 views

CVE-2013-7107

6.8CVSS5.9AI score0.01006EPSS

Exploits0References2

Prion•added 2014/01/15 4:8 p.m.•15 views

Stack overflow

Multiple stack-based buffer overflows in Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long string to the 1 displaynavtable, 2 pagelimitselector, 3 printexportlink, or 4...

6.5CVSS7.9AI score0.0254EPSS

Exploits0References3Affected Software1

CVE•added 2014/01/14 6:0 p.m.•57 views

CVE-2013-7107

CVE-2013-7107 describes a CSRF vulnerability in Icinga’s cmd.cgi that can allow remote attackers to hijack a user’s authenticated session for unspecified commands. Affected versions include Icinga 1.8.5, 1.9.4, 1.10.2 and earlier. The issue is demonstrated by bypassing authentication for CVE-2013...

6.8CVSS7.2AI score0.01006EPSS

Exploits0References5Affected Software1