CVE-2026-6264 Critical Security fix for the Talend JobServer and Talend Runtime

A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talend JobServer. The vulnerability can be mitigated for the Talend JobServer by requiring TLS client...

CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

CVE-2026-33247

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

CVE-2026-33247 NATS credentials are exposed in monitoring port via command-line argv

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, if a nats-server is run with static credentials for all clients provided via argv the command-line, then those credentials are visible to any user who can see the...

NATS credentials are exposed in monitoring port via command-line argv

Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The nats-server provides an optional monitoring port, which provides access to sensitive data. The nats-server can take certain configuratio...

Linux Distros Unpatched Vulnerability : CVE-2018-18246

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or via...

Acronis True Image 安全漏洞

Acronis True Image is a well-known data backup and restore software from Singapore-based Acronis. Acronis True Image 2020 version 24.5.22510 contains a security vulnerability that could be exploited by an attacker to add arbitrary malicious executables to a whitelist or even exclude an entire dri...

UBUNTU-CVE-2018-18246

Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or via /icingaweb2/config/moduleenable?name=setup to enable the setup module...

DEBIAN-CVE-2018-18246

Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or via /icingaweb2/config/moduleenable?name=setup to enable the setup module...

UBUNTU-CVE-2016-7067

Monit before version 5.20.0 is vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker to disable/enable all monitoring for a particular host or disable/enable monitoring for a specific service...

CVE-2015-4355

Cross-site request forgery CSRF vulnerability in the Watchdog Aggregator module for Drupal allows remote attackers to hijack the authentication of administrators for requests that enable or disable monitoring sites via unspecified vectors...

How to disable monitoring of Virtual Machines with nworks MP

Purpose In some environments, there is no need to monitor certain or any virtual machines. With nworks MP, it is possible to: - Disable discovery of all virtual machines, and - Disable discovery of specific virtual machines workaround available since 5.6. Solution Disable discovery of virtual...