Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1445 matches found

Cvelist
Cvelistadded 2025/05/13 10:45 a.m.17 views

CVE-2025-32917 Privilege escalation in jar_signature

Privilege escalation in jarsignature agent plugin in Checkmk versions 2.4.0b7 beta, 2.3.0p32, 2.2.0p42, and 2.1.0p49 EOL allow user with write access to JAVAHOME/bin directory to escalate privileges...

5.2CVSS0.0026EPSS
Exploits0References1
CVE
CVEadded 2025/05/13 10:45 a.m.44 views

CVE-2025-32917

CVE-2025-32917 affects Checkmk’s jar_signature agent plugin. Affected versions are before 2.4.0b7 (beta), before 2.3.0p32, before 2.2.0p42, and 2.1.0p49 (EOL). The vulnerability allows a user with write access to JAVA_HOME/bin to escalate privileges. The provided documents do not contain explicit...

8.8CVSS7.5AI score0.0026EPSS
Exploits0References1Affected Software1
CNNVD
CNNVDadded 2025/05/13 12:0 a.m.1 views

Checkmk 安全漏洞

Checkmk is an IT monitoring platform from Checkmk, Inc. Checkmk has a security vulnerability that stems from elevated privileges in the jarsignature proxy plugin, which could lead to elevated privileges. The following versions are affected: versions prior to 2.4.0b7, versions prior to 2.3.0p32,...

8.8CVSS6.4AI score0.0026EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2025/05/13 12:0 a.m.5 views

PT-2025-20885 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.4.0b7 beta Checkmk versions prior to 2.3.0p32 Checkmk versions prior to 2.2.0p42 Checkmk version 2.1.0p49 Description: The issue allows a user with write access to the JAVA HOME/bin directory to escalate privileges...

5.2CVSS6.5AI score0.0026EPSS
Exploits0References7
RedhatCVE
RedhatCVEadded 2025/05/10 12:12 p.m.15 views

CVE-2025-3506

Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and...

6.3CVSS6.8AI score0.00275EPSS
Exploits0References1
OSV
OSVadded 2025/05/08 12:15 p.m.3 views

CVE-2025-3506

Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and Checkmk 2.4.0b6 allows attacker to access files that could contain secrets...

5.3CVSS7.2AI score
Exploits0References1
NVD
NVDadded 2025/05/08 12:15 p.m.18 views

CVE-2025-3506

Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and Checkmk 2.4.0b6 allows attacker to access files that could contain secrets...

6.3CVSS0.00275EPSS
Exploits0References1
OSV
OSVadded 2025/05/08 12:15 p.m.1 views

UBUNTU-CVE-2025-3506

Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and Checkmk 2.4.0b6 allows attacker to access files that could contain secrets...

6.3CVSS5.8AI score0.00275EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2025/05/08 11:24 a.m.5 views

CVE-2025-3506 Potentially senitive path exposed via unauthenticated http route

Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and Checkmk 2.4.0b6 allows attacker to access files that could contain secrets...

6.3CVSS6.7AI score0.00275EPSS
Exploits0References1
CVE
CVEadded 2025/05/08 11:24 a.m.51 views

CVE-2025-3506

The CVE-2025-3506 issue affects Checkmk deployments where files to be deployed with agents are accessible without authentication, affecting Checkmk versions 2.1.0, 2.2.0, 2.3.0 and all builds prior to 2.4.0b6. The root cause described across sources is unauthenticated access to agent-deployment f...

6.3CVSS6.7AI score0.00275EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/05/08 11:24 a.m.17 views

CVE-2025-3506 Potentially senitive path exposed via unauthenticated http route

Files to be deployed with agents are accessible without authentication in Checkmk 2.1.0, Checkmk 2.2.0, Checkmk 2.3.0 and Checkmk 2.4.0b6 allows attacker to access files that could contain secrets...

6.3CVSS0.00275EPSS
Exploits0References1
Positive Technologies
Positive Technologiesadded 2025/05/08 12:0 a.m.19 views

PT-2025-20377 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions 2.1.0 through 2.3.0 Checkmk version 2.4.0b6 and earlier Description: The issue allows files to be deployed with agents to be accessible without authentication. This could enable an attacker to access files that may contain...

6.3CVSS6.1AI score0.00275EPSS
Exploits0References9
CNNVD
CNNVDadded 2025/05/08 12:0 a.m.3 views

Checkmk 安全漏洞

Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk version 2.4.0 that originates from accessing agent deployment files containing sensitive information without authentication...

6.3CVSS6.3AI score0.00275EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2025/04/25 4:23 p.m.10 views

CVE-2025-2092

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...

7.5CVSS7AI score0.00254EPSS
Exploits0References1
OSV
OSVadded 2025/04/22 12:15 p.m.3 views

CVE-2025-2092

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...

7.5CVSS7.3AI score
Exploits0References1
NVD
NVDadded 2025/04/22 12:15 p.m.10 views

CVE-2025-2092

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...

7.5CVSS0.00254EPSS
Exploits0References1
OSV
OSVadded 2025/04/22 12:15 p.m.1 views

UBUNTU-CVE-2025-2092

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...

7.5CVSS5.6AI score0.00254EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/04/22 11:38 a.m.10 views

CVE-2025-2092 Remote site authentication secrets written to web log

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...

7.1CVSS7AI score0.00254EPSS
Exploits0References1
CVE
CVEadded 2025/04/22 11:38 a.m.61 views

CVE-2025-2092

Checkmk CVE-2025-2092 affects Checkmk versions <2.3.0p29, <2.2.0p41 and

7.5CVSS6.7AI score0.00254EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2025/04/22 11:38 a.m.17 views

CVE-2025-2092 Remote site authentication secrets written to web log

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p29, 2.2.0p41 and =2.1.0p49 EOL causes remote site authentication secrets to be written to log files accessible to administrators...

7.1CVSS0.00254EPSS
Exploits0References1
Rows per page
Query Builder