CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1445 matches found

OSV•added 2023/11/24 9:15 a.m.•3 views

UBUNTU-CVE-2023-6251

Cross-site Request Forgery CSRF in Checkmk 2.2.0p15, 2.1.0p37, = 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users...

3.5CVSS5.8AI score0.00232EPSS

Exploits0References3

Prion•added 2023/11/24 9:15 a.m.•14 views

Cross site request forgery (csrf)

Cross-site Request Forgery CSRF in Checkmk 2.2.0p15, 2.1.0p37, = 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users...

3.5CVSS7.1AI score0.00232EPSS

Exploits0References1Affected Software1

UbuntuCve•added 2023/11/24 9:15 a.m.•21 views

CVE-2023-6251

Cross-site Request Forgery CSRF in Checkmk 2.2.0p15, 2.1.0p37, = 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users...

3.5CVSS5.9AI score0.00232EPSS

Exploits0References2

CVE•added 2023/11/24 8:16 a.m.•56 views

CVE-2023-6251

CVE-2023-6251 describes a Cross-site Request Forgery in Checkmk that allows an authenticated attacker to delete a user’s messages. Affected versions are Checkmk < 2.2.0p15, < 2.1.0p37, and

3.5CVSS3.7AI score0.00232EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/11/24 8:16 a.m.•23 views

CVE-2023-6251 CSRF in delete_user_message

Cross-site Request Forgery CSRF in Checkmk 2.2.0p15, 2.1.0p37, = 2.0.0p39 allow an authenticated attacker to delete user-messages for individual users...

3.5CVSS4.7AI score0.00232EPSS

Exploits0References1

CNNVD•added 2023/11/24 12:0 a.m.•4 views

Checkmk Security Vulnerabilities

Checkmk is an editor. Checkmk has a security vulnerability that stems from the presence of a cross-site request forgery CSRF vulnerability that allows an authenticated attacker to delete a single user's user messages...

3.5CVSS6.7AI score0.00232EPSS

Exploits0References1

Positive Technologies•added 2023/11/24 12:0 a.m.•4 views

PT-2023-32577 · Checkmk · Checkmk

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.2.0p15 Checkmk versions prior to 2.1.0p37 Checkmk versions prior to 2.0.0p40 Description: The issue allows an authenticated attacker to delete user-messages for individual users due to a Cross-site Request Forgery...

3.5CVSS7.3AI score0.00232EPSS

Exploits0References6

OSV•added 2023/11/22 5:15 p.m.•14 views

CVE-2023-6157

Improper neutralization of livestatus command delimiters in ajaxsearch in Checkmk = 2.0.0p39, 2.1.0p37, and 2.2.0p15 allows arbitrary livestatus command execution for authorized users...

8.8CVSS7.2AI score

Exploits0References1

NVD•added 2023/11/22 5:15 p.m.•10 views

CVE-2023-6156

Improper neutralization of livestatus command delimiters in the availability timeline in Checkmk = 2.0.0p39, 2.1.0p37, and 2.2.0p15 allows arbitrary livestatus command execution for authorized users...

8.8CVSS0.00857EPSS

Exploits0References1

NVD•added 2023/11/22 5:15 p.m.•14 views

CVE-2023-6157

Improper neutralization of livestatus command delimiters in ajaxsearch in Checkmk = 2.0.0p39, 2.1.0p37, and 2.2.0p15 allows arbitrary livestatus command execution for authorized users...

8.8CVSS0.00857EPSS

Exploits0References1

OSV•added 2023/11/22 5:15 p.m.•18 views

CVE-2023-6156

8.8CVSS7.2AI score

Exploits0References1

Prion•added 2023/11/22 5:15 p.m.•20 views

Input validation

Improper neutralization of livestatus command delimiters in ajaxsearch in Checkmk = 2.0.0p39, 2.1.0p37, and 2.2.0p15 allows arbitrary livestatus command execution for authorized users...

6.5CVSS7.5AI score0.00857EPSS

Exploits0References1Affected Software1

Prion•added 2023/11/22 5:15 p.m.•23 views

Input validation

6.5CVSS7.5AI score0.00857EPSS

Exploits0References1Affected Software1

UbuntuCve•added 2023/11/22 5:15 p.m.•17 views

CVE-2023-6157

Improper neutralization of livestatus command delimiters in ajaxsearch in Checkmk = 2.0.0p39, 2.1.0p37, and 2.2.0p15 allows arbitrary livestatus command execution for authorized users...

8.8CVSS7.5AI score0.00857EPSS

Exploits0References2

OSV•added 2023/11/22 5:15 p.m.•2 views

UBUNTU-CVE-2023-6157

Improper neutralization of livestatus command delimiters in ajaxsearch in Checkmk = 2.0.0p39, 2.1.0p37, and 2.2.0p15 allows arbitrary livestatus command execution for authorized users...

8.8CVSS6AI score0.00857EPSS

Exploits0References3

UbuntuCve•added 2023/11/22 5:15 p.m.•26 views

CVE-2023-6156

8.8CVSS7.5AI score0.00857EPSS

Exploits0References2

OSV•added 2023/11/22 5:15 p.m.•3 views

UBUNTU-CVE-2023-6156

8.8CVSS6.1AI score0.00857EPSS

Exploits0References3

CVE•added 2023/11/22 4:24 p.m.•50 views

CVE-2023-6157

CVE-2023-6157 affects Checkmk and is due to improper neutralization of livestatus command delimiters in the ajax_search function. Affected versions include Checkmk <= 2.0.0p39, < 2.1.0p37, and

8.8CVSS8.3AI score0.00857EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/11/22 4:24 p.m.•21 views

CVE-2023-6156 Livestatus injection in availability timeline

7.6CVSS9.1AI score0.00857EPSS

Exploits0References1

CVE•added 2023/11/22 4:24 p.m.•47 views

CVE-2023-6156

CVE-2023-6156 affects Checkmk, where the vulnerability stems from improper neutralization of the livestatus command delimiters in the availability timeline. It enables arbitrary livestatus command execution for authorized users due to flawed input handling in affected builds. Affected versions in...

8.8CVSS8.3AI score0.00857EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by