Lucene search
+L

109 matches found

nessus
nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-38859

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XSS in the view page with the SLA column configured in Checkmk versions prior to 2.3.0p14, 2.2.0p33, 2.1.0p47 and 2.0.0 EOL allowed malicious users to execute...

6.1CVSS6.3AI score0.00419EPSS
Exploits0References2
nessus
nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2022-48319

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sensitive host secret disclosed in cmk-update-agent.log file in Tribe29's Checkmk = 2.1.0p13, Checkmk = 2.0.0p29, and all versions of Checkmk 1.6.0 EOL allows a...

6.5CVSS5.7AI score0.00219EPSS
Exploits0References2
nessus
nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-6157

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper neutralization of livestatus command delimiters in ajaxsearch in Checkmk = 2.0.0p39, 2.1.0p37, and 2.2.0p15 allows arbitrary livestatus command executi...

8.8CVSS7.2AI score0.00857EPSS
Exploits0References2
nessus
nessus
added 2025/09/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-38862

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p18, 2.2.0p35, 2.1.0p48 and =2.0.0p39 EOL causes SNMP and IMPI secrets ...

5.1CVSS6.1AI score0.00322EPSS
Exploits0References2
nessus
nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-46303

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Command injection in SMS notifications in Tribe29 Checkmk = 2.1.0p10, Checkmk = 2.0.0p27, and Checkmk = 1.6.0p29 allows an attacker with User Management...

8CVSS7.1AI score0.01096EPSS
Exploits0References2
nessus
nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-3367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Argument injection in webspheremq agent plugin in Checkmk 2.0.0, 2.1.0, 2.2.0p26 and 2.3.0b5 allows local attacker to inject one argument to runmqsc CVE-2024-33...

6.5CVSS5.5AI score0.00314EPSS
Exploits0References2
nessus
nessus
added 2025/09/10 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2023-31210

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Usage of user controlled LDLIBRARYPATH in agent in Checkmk 2.2.0p10 up to 2.2.0p16 allows malicious Checkmk site user to escalate rights via injection of...

8.8CVSS7.3AI score0.00536EPSS
Exploits0References2
nessus
nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-48318

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - No authorisation controls in the RestAPI documentation for Tribe29's Checkmk = 2.1.0p13 and Checkmk = 2.0.0p29 which may lead to unintended information disclosu...

5.3CVSS6.2AI score0.00486EPSS
Exploits0References2
nessus
nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-6735

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Privilege escalation in mktsm agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges CVE-2023-6735 Note that...

8.8CVSS7.3AI score0.00276EPSS
Exploits0References2
nessus
nessus
added 2025/09/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-1768

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate error handling in Tribe29 Checkmk = 2.1.0p25, = 2.0.0p34, = 2.2.0b3 beta, and all versions of Checkmk 1.6.0 causes the symmetric encryption of age...

5.3CVSS5.7AI score0.00913EPSS
Exploits0References2
redhatcve
redhatcve
added 2025/05/24 3:17 p.m.18 views

CVE-2025-32915

Packages downloaded by Checkmk's automatic agent updates on Linux and Solaris have incorrect permissions in Checkmk 2.4.0p1, 2.3.0p32, 2.2.0p42 and = 2.1.0p49 EOL. This allows a local attacker to read sensitive data...

5.5CVSS6.4AI score0.0012EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 9:9 a.m.6 views

CVE-2024-5741

Stored XSS in inventory tree rendering in Checkmk before 2.3.0p7, 2.2.0p28, 2.1.0p45 and 2.0.0 EOL...

6.5CVSS6.1AI score0.00283EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 3:45 a.m.9 views

CVE-2023-31207

Transmission of credentials within query parameters in Checkmk = 2.1.0p26, = 2.0.0p35, and = 2.2.0b6 beta may cause the automation user's secret to be written to the site Apache access log...

5.5CVSS6.7AI score0.00223EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/23 3:4 a.m.10 views

CVE-2023-22288

HTML Email Injection in Tribe29 Checkmk =2.1.0p23; =2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into Emails...

5.4CVSS6.9AI score0.00399EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2025/05/22 12:0 a.m.7 views

PT-2025-22483 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.4.0p1 Checkmk versions prior to 2.3.0p32 Checkmk versions prior to 2.2.0p42 Checkmk versions prior to or equal to 2.1.0p49 Description: The issue arises from incorrect permissions of packages downloaded by Checkmk'...

4.3CVSS5.9AI score0.0012EPSS
Exploits0References7
ptsecurity
ptsecurity
added 2025/05/21 12:0 a.m.9 views

PT-2025-22330 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.4.0p1 Checkmk versions prior to 2.3.0p32 Checkmk versions prior to 2.2.0p42 Checkmk version 2.1.0 Description: The issue allows authenticated attackers to write arbitrary files due to argument injection in special...

8.7CVSS6.7AI score0.00662EPSS
Exploits0References8
openvas
openvas
added 2025/05/16 12:0 a.m.8 views

Checkmk < 2.2.0p42, 2.3.x < 2.3.0p32 Privilege Escalation Vulnerability

Checkmk is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:checkmk:checkmk"; if...

8.8CVSS5.4AI score0.0026EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/05/13 10:45 a.m.9 views

CVE-2025-32917 Privilege escalation in jar_signature

Privilege escalation in jarsignature agent plugin in Checkmk versions 2.4.0b7 beta, 2.3.0p32, 2.2.0p42, and 2.1.0p49 EOL allow user with write access to JAVAHOME/bin directory to escalate privileges...

5.2CVSS7.1AI score0.0026EPSS
Exploits0References1
osv
osv
added 2025/05/13 10:45 a.m.5 views

CVE-2025-32917 Privilege escalation in jar_signature

Privilege escalation in jarsignature agent plugin in Checkmk versions 2.4.0b7 beta, 2.3.0p32, 2.2.0p42, and 2.1.0p49 EOL allow user with write access to JAVAHOME/bin directory to escalate privileges...

5.2CVSS5.9AI score0.0026EPSS
Exploits0References3
cve
cve
added 2025/05/13 10:45 a.m.47 views

CVE-2025-32917

CVE-2025-32917 affects Checkmk’s jar_signature agent plugin. Affected versions are before 2.4.0b7 (beta), before 2.3.0p32, before 2.2.0p42, and 2.1.0p49 (EOL). The vulnerability allows a user with write access to JAVA_HOME/bin to escalate privileges. The provided documents do not contain explicit...

8.8CVSS7.5AI score0.0026EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder