Lucene search
K

195 matches found

NVD
NVD
added 2025/05/21 9:15 a.m.8 views

CVE-2025-1712

Argument injection in special agent configuration in Checkmk 2.4.0p1, 2.3.0p32, 2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files...

8.8CVSS0.00662EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/21 9:10 a.m.19 views

CVE-2025-1712 Arbitrary file write with vcrtrace

Argument injection in special agent configuration in Checkmk 2.4.0p1, 2.3.0p32, 2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files...

8.7CVSS0.00662EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/21 9:10 a.m.8 views

CVE-2025-1712 Arbitrary file write with vcrtrace

Argument injection in special agent configuration in Checkmk 2.4.0p1, 2.3.0p32, 2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files...

8.7CVSS7.2AI score0.00662EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/15 11:16 a.m.15 views

CVE-2025-32917

Privilege escalation in jarsignature agent plugin in Checkmk versions 2.4.0b7 beta, 2.3.0p32, 2.2.0p42, and 2.1.0p49 EOL allow user with write access to JAVAHOME/bin directory to escalate privileges...

8.8CVSS7.4AI score0.0026EPSS
Exploits0References1
NVD
NVD
added 2025/05/13 11:15 a.m.20 views

CVE-2025-32917

Privilege escalation in jarsignature agent plugin in Checkmk versions 2.4.0b7 beta, 2.3.0p32, 2.2.0p42, and 2.1.0p49 EOL allow user with write access to JAVAHOME/bin directory to escalate privileges...

8.8CVSS0.0026EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.7 views

PT-2025-20885 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.4.0b7 beta Checkmk versions prior to 2.3.0p32 Checkmk versions prior to 2.2.0p42 Checkmk version 2.1.0p49 Description: The issue allows a user with write access to the JAVA HOME/bin directory to escalate privileges...

5.2CVSS6.5AI score0.0026EPSS
Exploits0References7
CVE
CVE
added 2025/04/22 11:38 a.m.69 views

CVE-2025-2092

Checkmk CVE-2025-2092 affects Checkmk versions <2.3.0p29, <2.2.0p41 and

7.5CVSS6.7AI score0.00254EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/04/12 8:14 a.m.31 views

CVE-2024-38865

Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 EOL allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for ...

6CVSS7.5AI score0.00767EPSS
Exploits0References1
NVD
NVD
added 2025/04/10 8:15 a.m.10 views

CVE-2024-38865

Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 EOL allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for ...

8.8CVSS0.00767EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/03/28 11:37 a.m.15 views

CVE-2025-2596

Session logout could be overwritten in Checkmk GmbH's Checkmk versions 2.3.0p30, 2.2.0p41, and 2.1.0p49 EOL...

5.3CVSS7.2AI score0.00195EPSS
Exploits0References1
NVD
NVD
added 2025/03/26 11:15 a.m.15 views

CVE-2025-2596

Session logout could be overwritten in Checkmk GmbH's Checkmk versions 2.3.0p30, 2.2.0p41, and 2.1.0p49 EOL...

5.3CVSS0.00195EPSS
Exploits0References1
CVE
CVE
added 2025/03/26 10:51 a.m.72 views

CVE-2025-2596

CVE-2025-2596 concerns Checkmk software from Checkmk GmbH where session logout can be overwritten by a long-lasting request. Affected versions are <2.3.0p30,

5.3CVSS7.1AI score0.00195EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/02/19 10:15 a.m.9 views

CVE-2025-1075

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p27, 2.2.0p40, and 2.1.0p51 EOL causes LDAP credentials to be written to Apache error log file accessible to administrators...

7.5CVSS0.00293EPSS
Exploits0References1
OSV
OSV
added 2025/02/19 10:15 a.m.4 views

UBUNTU-CVE-2025-1075

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p27, 2.2.0p40, and 2.1.0p51 EOL causes LDAP credentials to be written to Apache error log file accessible to administrators...

7.5CVSS5.8AI score0.00293EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/19 9:49 a.m.12 views

CVE-2025-1075 LDAP credentials logged to Apache error log

Insertion of Sensitive Information into Log File in Checkmk GmbH's Checkmk versions 2.3.0p27, 2.2.0p40, and 2.1.0p51 EOL causes LDAP credentials to be written to Apache error log file accessible to administrators...

5.6CVSS0.00293EPSS
Exploits0References1
0day.today
0day.today
added 2025/02/05 12:0 a.m.162 views

Checkmk 2.3.0p2 / NagVis 1.9.40 Shell Upload Vulnerability

Title: Checkmk NagVis Remote Code Execution Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2025-002.txt 1. Vulnerability Details Affected Vendor: Checkmk Affected Product: Checkmk/NagVis Affected Version: Checkmk 2.3.0p2, NagVis 1.9.40 Platform: GNU/Linux CWE Classification:...

7.2CVSS7AI score0.0126EPSS
Exploits2
0day.today
0day.today
added 2025/02/05 12:0 a.m.174 views

Checkmk 2.3.0p2 / NagVis 1.9.40 Cross Site Scripting Vulnerability

Title: Checkmk NagVis Reflected Cross-site Scripting Publication URL: https://korelogic.com/Resources/Advisories/KL-001-2025-001.txt 1. Vulnerability Details Affected Vendor: Checkmk Affected Product: Checkmk/NagVis Affected Version: Checkmk 2.3.0p2, NagVis 1.9.40 Platform: GNU/Linux CWE...

5.4CVSS7AI score0.00557EPSS
Exploits2
OSV
OSV
added 2025/02/04 10:15 p.m.4 views

UBUNTU-CVE-2024-13723

The "NagVis" component within Checkmk is vulnerable to remote code execution. An authenticated attacker with administrative level privileges is able to upload a malicious PHP file and modify specific settings to execute the contents of the file as PHP...

7.2CVSS6.8AI score0.0126EPSS
Exploits2References8
Vulnrichment
Vulnrichment
added 2025/02/04 10:2 p.m.18 views

CVE-2024-13723 Checkmk NagVis Remote Code Execution

The "NagVis" component within Checkmk is vulnerable to remote code execution. An authenticated attacker with administrative level privileges is able to upload a malicious PHP file and modify specific settings to execute the contents of the file as PHP...

7.4AI score0.0126EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/02/04 12:0 a.m.5 views

PT-2025-2259 · Nagvis +2 · Nagvis +2

Name of the Vulnerable Software and Affected Versions: Checkmk affected versions not specified Description: The issue concerns the "NagVis" component within Checkmk, which is susceptible to remote code execution. An authenticated attacker with administrative level privileges can upload a maliciou...

9.1CVSS6.7AI score0.04135EPSS
Exploits8References32
Rows per page
Query Builder