CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

162 matches found

RedhatCVE•added 2026/01/09 11:24 a.m.•4 views

CVE-2021-31574

In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID:...

9.8CVSS7.9AI score0.02711EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:23 a.m.•5 views

CVE-2021-31575

In Config Manager, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege from a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20210009; Issue ID:...

9.8CVSS7.9AI score0.02711EPSS

Exploits0References1

OSV•added 2025/12/11 12:16 p.m.•0 views

CVE-2025-64993

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-ConfigMgrConsoleExtensions instructions. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote...

7.2CVSS6.2AI score0.00063EPSS

Exploits0References1

CVE•added 2025/12/11 11:29 a.m.•18 views

CVE-2025-64993

Summary: CVE-2025-64993 affects TeamViewer DEX (formerly 1E DEX). The issue is a command-injection in the 1E-ConfigMgrConsoleExtensions instructions caused by improper input validation. Impact: authenticated attackers with Actioner privileges can inject arbitrary commands, enabling remote executi...

7.2CVSS7.6AI score0.00063EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/12/11 11:29 a.m.•26 views

CVE-2025-64993 Command Injection in 1E-ConfigMgrConsoleExtensions Instructions

A command injection vulnerability was discovered in TeamViewer DEX former 1E DEX, specifically within the 1E-ConfigMgrConsoleExtensions instructions. Improper input validation, allowing authenticated attackers with Actioner privileges to inject arbitrary commands. Exploitation enables remote...

6.8CVSS0.00063EPSS

Exploits0References1

NCSC•added 2025/11/03 8:27 a.m.•5 views

Vulnerabilities fixed in Nagios XI

Nagios has fixed vulnerabilities in Nagios XI Versions before 2024R1.4.2 and 2024R2. The vulnerabilities include a remote code execution vulnerability within the Business Process Intelligence component, insufficient permissions on systemd unit files, unauthorized access to API keys, a command...

9.4CVSS8.9AI score0.01622EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:8 p.m.•1 views

CVE-2021-47689

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.0 / Nagios XI 5.8.0 contais a cross-site scripting XSS vulnerability in the Templates pages, specifically in the UI logic that renders and handles the Active/Actions buttons. Insufficient validation or escaping of user-supplied...

5.4CVSS6AI score0.00766EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:8 p.m.•2 views

CVE-2021-47690

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.1 / Nagios XI 5.8.2 contains multiple cross-site scripting XSS vulnerabilities in Overlay modals. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the conte...

5.4CVSS6.3AI score0.00501EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:8 p.m.•3 views

CVE-2021-47694

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.4 / Nagios XI 5.8.6 contains a reflected cross-site scripting XSS vulnerability via the Test Command functionality. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary...

6.1CVSS6.2AI score0.00501EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:7 p.m.•2 views

CVE-2021-47691

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.1 / Nagios XI 5.8.2 contains multiple cross-site scripting XSS vulnerabilities via the Services page affecting the configname and servicedescription fields. Insufficient validation or escaping of user-supplied input may allow an...

5.4CVSS6.4AI score0.00501EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:7 p.m.•4 views

CVE-2022-50584

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.6 / Nagios XI 5.8.8 contains a cross-site scripting XSS vulnerability via the search and deletion interfaces. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script ...

5.4CVSS6.1AI score0.00501EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:7 p.m.•2 views

CVE-2020-36860

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.0.7 / Nagios XI 5.7.4 contains multiple cross-site scripting XSS vulnerabilities in the object edit pages. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in th...

5.4CVSS6.3AI score0.00501EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:7 p.m.•3 views

CVE-2022-50585

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.7 / Nagios XI 5.8.9 contains a cross-site scripting XSS vulnerability via the Audit Log page search input. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in...

5.4CVSS6.1AI score0.00501EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:7 p.m.•2 views

CVE-2020-36861

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.0.8 / Nagios XI 5.7.5 contains multiple cross-site scripting XSS vulnerabilities in the overlay UI elements and the Notification/Check Period pages. Insufficient validation or escaping of user-supplied input may allow an attacker to...

5.4CVSS6.3AI score0.00501EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:7 p.m.•3 views

CVE-2021-47693

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.3 / Nagios XI 5.8.5 contains a SQL injection vulnerability in the search text handling. Unsanitized user-supplied input was incorporated into SQL queries used by configuration object editors, allowing authenticated users to inject...

8.8CVSS7.4AI score0.01476EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:7 p.m.•1 views

CVE-2025-34286

Nagios XI versions prior to 2026R1 contain a remote code execution vulnerability in the Core Config Manager CCM Run Check command. Insufficient validation/escaping of parameters used to build backend command lines allows an authenticated administrator to inject shell metacharacters that are...

9.4CVSS8.2AI score0.00993EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:7 p.m.•1 views

CVE-2020-36859

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.0.7 / Nagios XI 5.7.4 contains multiple SQL injection vulnerabilities in the object edit pages. Unsanitized user-supplied input was incorporated into SQL queries used by configuration object editors, allowing authenticated users to...

8.8CVSS7.5AI score0.01476EPSS

Exploits0References1

RedhatCVE•added 2025/10/31 10:7 p.m.•1 views

CVE-2020-36856

Nagios XI versions prior to 5.6.14 contain an authenticated remote command execution vulnerability in the CCM commandtest.php script. Insufficient validation of the address parameter allows an authenticated user with access to the Core Config Manager to inject shell metacharacters that are...

9.4CVSS7.6AI score0.00262EPSS

Exploits0References1

EUVD•added 2025/10/31 12:30 a.m.•1 views

EUVD-2025-37209

Nagios XI versions prior to 2026R1 contain a remote code execution vulnerability in the Core Config Manager CCM Run Check command. Insufficient validation/escaping of parameters used to build backend command lines allows an authenticated administrator to inject shell metacharacters that are...

9.4CVSS7.7AI score0.00993EPSS

Exploits0References4

EUVD•added 2025/10/31 12:30 a.m.•1 views

EUVD-2021-34708

The Core Config Manager CCM in Nagios XI versions prior to CCM 3.1.1 / Nagios XI 5.8.2 contains multiple cross-site scripting XSS vulnerabilities in Overlay modals. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the conte...

5.1CVSS5.8AI score0.00501EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by