Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

1445 matches found

OSV
OSVadded 2024/07/02 8:15 a.m.22 views

CVE-2024-38857

Improper neutralization of input in Checkmk before versions 2.3.0p8, 2.2.0p28, 2.1.0p45, and 2.0.0 EOL allows attackers to craft malicious links that can facilitate phishing attacks...

6.1CVSS6.7AI score
Exploits0References1
NVD
NVDadded 2024/07/02 8:15 a.m.13 views

CVE-2024-38857

Improper neutralization of input in Checkmk before versions 2.3.0p8, 2.2.0p28, 2.1.0p45, and 2.0.0 EOL allows attackers to craft malicious links that can facilitate phishing attacks...

6.1CVSS0.00284EPSS
Exploits0References1
OSV
OSVadded 2024/07/02 8:15 a.m.0 views

UBUNTU-CVE-2024-38857

Improper neutralization of input in Checkmk before versions 2.3.0p8, 2.2.0p28, 2.1.0p45, and 2.0.0 EOL allows attackers to craft malicious links that can facilitate phishing attacks...

6.1CVSS5.8AI score0.00284EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2024/07/02 8:15 a.m.9 views

CVE-2024-38857

Improper neutralization of input in Checkmk before versions 2.3.0p8, 2.2.0p28, 2.1.0p45, and 2.0.0 EOL allows attackers to craft malicious links that can facilitate phishing attacks...

6.1CVSS5.9AI score0.00284EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/07/02 8:11 a.m.14 views

CVE-2024-38857 Reflected links in visuals facilitate phishing attacks

Improper neutralization of input in Checkmk before versions 2.3.0p8, 2.2.0p28, 2.1.0p45, and 2.0.0 EOL allows attackers to craft malicious links that can facilitate phishing attacks...

4.3CVSS6.9AI score0.00284EPSS
Exploits0References1
CVE
CVEadded 2024/07/02 8:11 a.m.52 views

CVE-2024-38857

CVE-2024-38857 affects Checkmk prior to versions 2.3.0p8, 2.2.0p28, 2.1.0p45, and 2.0.0 (EOL). The issue is improper neutralization of input in Checkmk that allows attackers to craft malicious links, enabling phishing attacks. Reported impact notes include user interaction required and potential ...

6.1CVSS4.7AI score0.00284EPSS
Exploits0References1Affected Software1
Cvelist
Cvelistadded 2024/07/02 8:11 a.m.16 views

CVE-2024-38857 Reflected links in visuals facilitate phishing attacks

Improper neutralization of input in Checkmk before versions 2.3.0p8, 2.2.0p28, 2.1.0p45, and 2.0.0 EOL allows attackers to craft malicious links that can facilitate phishing attacks...

4.3CVSS0.00284EPSS
Exploits0References1
CNNVD
CNNVDadded 2024/07/02 12:0 a.m.2 views

Checkmk Security Vulnerabilities

Checkmk is an IT monitoring platform from Checkmk, Inc. Checkmk has a security vulnerability that stems from improper neutralization of input...

6.1CVSS6.9AI score0.00284EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2024/07/02 12:0 a.m.2 views

PT-2024-28238 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.3.0p8 Checkmk versions prior to 2.2.0p28 Checkmk versions prior to 2.1.0p45 Checkmk version 2.0.0 Description: The issue is related to improper neutralization of input, allowing attackers to craft malicious links...

6.1CVSS7.1AI score0.00284EPSS
Exploits0References7
NVD
NVDadded 2024/06/26 8:15 a.m.19 views

CVE-2024-28830

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p7, 2.2.0p28, 2.1.0p45 and =2.0.0p39 EOL causes automation user secrets to be written to audit log files accessible to administrators...

2.7CVSS0.00337EPSS
Exploits0References1
OSV
OSVadded 2024/06/26 8:15 a.m.18 views

CVE-2024-28830

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p7, 2.2.0p28, 2.1.0p45 and =2.0.0p39 EOL causes automation user secrets to be written to audit log files accessible to administrators...

2.7CVSS7AI score
Exploits0References1
OSV
OSVadded 2024/06/26 8:15 a.m.2 views

UBUNTU-CVE-2024-28830

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p7, 2.2.0p28, 2.1.0p45 and =2.0.0p39 EOL causes automation user secrets to be written to audit log files accessible to administrators...

2.7CVSS5.8AI score0.00337EPSS
Exploits0References3
UbuntuCve
UbuntuCveadded 2024/06/26 8:15 a.m.16 views

CVE-2024-28830

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p7, 2.2.0p28, 2.1.0p45 and =2.0.0p39 EOL causes automation user secrets to be written to audit log files accessible to administrators...

2.7CVSS5.8AI score0.00337EPSS
Exploits0References2
Vulnrichment
Vulnrichmentadded 2024/06/26 7:56 a.m.16 views

CVE-2024-28830 Automation user secrets written to audit log

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p7, 2.2.0p28, 2.1.0p45 and =2.0.0p39 EOL causes automation user secrets to be written to audit log files accessible to administrators...

2.7CVSS6.8AI score0.00337EPSS
Exploits0References1
CVE
CVEadded 2024/06/26 7:56 a.m.59 views

CVE-2024-28830

CVE-2024-28830 affects Checkmk, with affected versions including <2.3.0p7, <2.2.0p28, <2.1.0p45 and

2.7CVSS3.8AI score0.00337EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologiesadded 2024/06/26 12:0 a.m.5 views

PT-2024-22598 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.3.0p7 Checkmk versions prior to 2.2.0p28 Checkmk versions prior to 2.1.0p45 Checkmk versions prior to or equal to 2.0.0p39 Description: The issue allows sensitive information to be inserted into log files, causing...

2.7CVSS6.8AI score0.00337EPSS
Exploits0References6
CNNVD
CNNVDadded 2024/06/26 12:0 a.m.3 views

Checkmk Security Vulnerabilities

Checkmk is an editor. A security vulnerability exists in Checkmk that originates from the insertion of sensitive information into a log file, resulting in information disclosure...

2.7CVSS6.5AI score0.00337EPSS
Exploits0References2
OSV
OSVadded 2024/06/25 12:15 p.m.12 views

CVE-2024-28832

Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2.0.0 EOL allows users with permission to change Global Settings to execute arbitrary scripts by injecting HTML elements into the Crash Report URL in the Global Settings...

4.8CVSS6.1AI score
Exploits0References1
NVD
NVDadded 2024/06/25 12:15 p.m.21 views

CVE-2024-28832

Stored XSS in the Crash Report page in Checkmk before versions 2.3.0p7, 2.2.0p28, 2.1.0p45, and 2.0.0 EOL allows users with permission to change Global Settings to execute arbitrary scripts by injecting HTML elements into the Crash Report URL in the Global Settings...

4.8CVSS0.00334EPSS
Exploits0References1
NVD
NVDadded 2024/06/25 12:15 p.m.21 views

CVE-2024-28831

Stored XSS in some confirmation pop-ups in Checkmk before versions 2.3.0p7 and 2.2.0p28 allows Checkmk users to execute arbitrary scripts by injecting HTML elements into some user input fields that are shown in a confirmation pop-up...

5.4CVSS0.00343EPSS
Exploits0References1
Rows per page
Query Builder