Lucene search
K

74 matches found

NVD
NVD
added 2025/10/30 10:15 p.m.5 views

CVE-2018-25123

Nagios XI versions prior to 5.5.7 contain a privilege escalation vulnerability in the MRTG graphing component. MRTG-related processes/scripts executed with excessive privileges, allowing a local attacker with limited system access to abuse file/command execution paths or writable resources to gai...

8.5CVSS0.00318EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/30 9:40 p.m.6 views

CVE-2018-25123 Nagios XI < 5.5.7 Privilege Escalation via MRTG Graphing Component

Nagios XI versions prior to 5.5.7 contain a privilege escalation vulnerability in the MRTG graphing component. MRTG-related processes/scripts executed with excessive privileges, allowing a local attacker with limited system access to abuse file/command execution paths or writable resources to gai...

8.5CVSS6.8AI score0.00318EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/30 9:40 p.m.8 views

CVE-2018-25123 Nagios XI < 5.5.7 Privilege Escalation via MRTG Graphing Component

Nagios XI versions prior to 5.5.7 contain a privilege escalation vulnerability in the MRTG graphing component. MRTG-related processes/scripts executed with excessive privileges, allowing a local attacker with limited system access to abuse file/command execution paths or writable resources to gai...

8.5CVSS0.00318EPSS
Exploits0References2
CVE
CVE
added 2025/10/30 9:40 p.m.44 views

CVE-2018-25123

CVE-2018-25123 affects Nagios XI versions prior to 5.5.7, with a privilege escalation flaw in the MRTG graphing component. MRTG-related processes run with excessive privileges, enabling a local attacker with limited access to abuse file/command paths or writable resources to gain elevated privile...

8.5CVSS6.8AI score0.00318EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/30 12:0 a.m.6 views

PT-2025-44546

Nagios XI versions prior to 5.5.7 contain a privilege escalation vulnerability in the MRTG graphing component. MRTG-related processes/scripts executed with excessive privileges, allowing a local attacker with limited system access to abuse file/command execution paths or writable resources to gai...

8.5CVSS7.1AI score0.00318EPSS
Exploits0References3
OSV
OSV
added 2024/12/09 2:15 a.m.2 views

DEBIAN-CVE-2024-55566

ColPack 1.0.10 through 9a7293a has a predictable temporary file located under /tmp with a name derived from an unseeded RNG. The impact can be overwriting files or making ColPack graphing unavailable to other users...

6.6CVSS5.3AI score0.00217EPSS
Exploits0References1
OSV
OSV
added 2024/12/09 2:15 a.m.1 views

UBUNTU-CVE-2024-55566

ColPack 1.0.10 through 9a7293a has a predictable temporary file located under /tmp with a name derived from an unseeded RNG. The impact can be overwriting files or making ColPack graphing unavailable to other users...

6.6CVSS5.8AI score0.00217EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.12 views

CVE-2024-55566

ColPack 1.0.10 through 9a7293a has a predictable temporary file located under /tmp with a name derived from an unseeded RNG. The impact can be overwriting files or making ColPack graphing unavailable to other users...

6.6CVSS0.00217EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36558 · Colpack +1 · Colpack +1

Name of the Vulnerable Software and Affected Versions: ColPack versions 1.0.10 through 9a7293a Description: The issue is related to the creation of predictable temporary files in ColPack, located under /tmp with names derived from an unseeded Random Number Generator RNG. This can lead to...

6.6CVSS6.5AI score0.00217EPSS
Exploits0References16
CVE
CVE
added 2024/12/09 12:0 a.m.64 views

CVE-2024-55566

CVE-2024-55566 affects ColPack 1.0.10 through 9a7293a. A predictable temporary file in /tmp (name derived from an unseeded RNG) can lead to overwriting files or making ColPack graphing unavailable to other users. The provided documents do not specify the exact patched version; Fedora advisories n...

6.6CVSS7AI score0.00217EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/12/22 12:0 a.m.6 views

Number withdrawn

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool fetches data via snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. This CVE number has been withdrawn...

6.8AI score
Exploits0References4
CNVD
CNVD
added 2022/06/08 12:0 a.m.11 views

Command execution vulnerability in JGraph drawio-desktop

drawio-desktop is an Electron-based diagramming and whiteboarding desktop application. A command execution vulnerability exists in JGraph drawio-desktop that can be exploited by an attacker to cause code execution...

7.7AI score
Exploits0
OSV
OSV
added 2022/05/24 4:55 p.m.20 views

GHSA-Q5RG-WG7H-73M5 LibreNMS Information Disclosure

An issue was discovered in LibreNMS through 1.47. The scripts that handle graphing options html/includes/graphs/common.inc.php and html/includes/graphs/graphs.inc.php do not sufficiently validate or encode several fields of user supplied input. Some parameters are filtered with...

9.8CVSS7.1AI score0.01482EPSS
Exploits1References3
Prion
Prion
added 2021/07/07 2:15 p.m.19 views

Null pointer dereference

Mikrotik RouterOs 6.44.6 long-term tree suffers from a memory corruption vulnerability in the /nova/bin/graphing process. An authenticated remote attacker can cause a Denial of Service NULL pointer dereference...

4CVSS6.6AI score0.0158EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/07/07 12:0 a.m.5 views

MikroTik RouterOS 代码问题漏洞

MikroTik RouterOS is a Linux-based router operating system developed by the Latvian company MikroTik. The system can be deployed in a PC to enable it to provide router functionality. A memory corruption vulnerability exists in the /nova/bin/graphing process in Mikrotik RouterOs. An authenticated,...

6.5CVSS5.9AI score0.0158EPSS
Exploits0References2
0day.today
0day.today
added 2021/03/16 12:0 a.m.40 views

GeoGebra Graphing Calculato‪r‬ 6.0.631.0 - Denial Of Service Exploit

Exploit Title: GeoGebra Graphing Calculato‪r‬ 6.0.631.0 - Denial Of Service PoC Exploit Author: Brian Rodriguez Vendor Homepage: https://www.geogebra.org Software Link: https://www.geogebra.org/download Version: 6.0.631.0-offlinegraphing Tested on: Windows 8.1 Pro STEPS Open the program Graficado...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/05/12 12:0 a.m.39 views

openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-654)

This update for cacti, cacti-spine fixes the following issues : cacti-spine and cacti were updated to 1.2.12 : cacti fixes : - CVE-2020-7106: Lack of escaping of color items can lead to XSS exposure boo1163749 - Fix multiple graphing bugs and web UI issues - Fix multiple warnings, PHP Exceptions...

6.1CVSS6.2AI score0.02139EPSS
Exploits1References2
OSV
OSV
added 2020/05/11 4:19 p.m.6 views

OPENSUSE-SU-2020:0654-1 Security update for cacti, cacti-spine

This update for cacti, cacti-spine fixes the following issues: cacti-spine and cacti were updated to 1.2.12: cacti fixes: CVE-2020-7106: Lack of escaping of color items can lead to XSS exposure boo1163749 Fix multiple graphing bugs and web UI issues Fix multiple warnings, PHP Exceptions and error...

6.1CVSS7.6AI score0.02139EPSS
Exploits1References3
OPENSUSE Linux
OPENSUSE Linux
added 2020/05/11 12:0 a.m.79 views

Security update for cacti, cacti-spine (moderate)

openSUSE Security Update: Security update for cacti, cacti-spine Announcement ID: openSUSE-SU-2020:0654-1 Rating: moderate References: 1163749 Cross-References: CVE-2020-7106 Affected Products: openSUSE Leap 15.1 openSUSE Backports SLE-15-SP1 SUSE Package Hub for SUSE Linux Enterprise 12 An updat...

6.1CVSS6.1AI score0.02139EPSS
Exploits1References1
Veracode
Veracode
added 2019/09/10 8:6 a.m.13 views

OS Command Injection

LibreNMS is vulnerable to OS command injection. It does not properly validate the user input via the graphing options html/includes/graphs/common.inc.php and html/includes/graphs/graphs.inc.php, allowing an attacker to inject any RRDtool commands such as cd and ls via html/graph.php script...

9.8CVSS4.3AI score0.01482EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder