Lucene search
K

787 matches found

CVE
CVE
added 2026/02/01 12:15 p.m.21 views

CVE-2022-50942

Incinga Web 2.8.2 contains a client-side cross-site scripting vulnerability that enables attackers to inject scripts via the icinga.min.js file by exploiting EventListener.handleEvent. This can lead to session hijacking and non-persistent phishing attacks. The issue is described across multiple s...

5.4CVSS5.5AI score0.00256EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/02/01 12:15 p.m.2 views

CVE-2022-50942 Incinga Web 2.8.2 Client-Side Cross-Site Scripting via EventListener

Incinga Web 2.8.2 contains a client-side cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through the icinga.min.js file. Attackers can exploit the EventListener.handleEvent method to execute arbitrary scripts, potentially leading to session hijacki...

5.4CVSS5.5AI score0.00256EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/01 12:15 p.m.6 views

EUVD-2022-55948

Inciga Web 2.8.2 contains a client-side cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through the icinga.min.js file. Attackers can exploit the EventListener.handleEvent method to execute arbitrary scripts, potentially leading to session hijackin...

5.4CVSS6.1AI score0.00256EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/01 12:15 p.m.30 views

CVE-2022-50942 Incinga Web 2.8.2 Client-Side Cross-Site Scripting via EventListener

Incinga Web 2.8.2 contains a client-side cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through the icinga.min.js file. Attackers can exploit the EventListener.handleEvent method to execute arbitrary scripts, potentially leading to session hijacki...

5.4CVSS0.00256EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/01 12:0 a.m.6 views

Icinga Web 2 跨站脚本漏洞

Icinga Web 2 is an open-source monitoring and measurement solution developed by Icinga. Version 2.8.2 of Icinga Web 2 contains a cross-site scripting vulnerability. This vulnerability stems from the icinga.min.js file, which has a client-side cross-site scripting vulnerability. It may lead to...

5.4CVSS5.6AI score0.00256EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/02/01 12:0 a.m.7 views

PT-2026-5569

Inciga Web 2.8.2 contains a client-side cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through the icinga.min.js file. Attackers can exploit the EventListener.handleEvent method to execute arbitrary scripts, potentially leading to session hijackin...

5.4CVSS6.1AI score0.00256EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/02/01 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-50942

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incinga Web 2.8.2 contains a client-side cross-site scripting vulnerability that allows remote attackers to inject malicious script codes through the...

5.4CVSS6.2AI score0.00256EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-24413

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set...

6.8CVSS5.8AI score0.00068EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/30 9:23 p.m.5 views

CVE-2026-24413

Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...

6.8CVSS5.9AI score0.00068EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/30 9:23 p.m.4 views

CVE-2026-24414

The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...

6.8CVSS5.9AI score0.00097EPSS
Exploits2References1
SUSE CVE
SUSE CVE
added 2026/01/30 12:24 a.m.5 views

SUSE CVE-2026-24413

Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...

5.5CVSS5.9AI score0.00068EPSS
Exploits0References3
NVD
NVD
added 2026/01/29 6:16 p.m.11 views

CVE-2026-24413

Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...

6.8CVSS0.00068EPSS
Exploits0References3
NVD
NVD
added 2026/01/29 6:16 p.m.8 views

CVE-2026-24414

The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...

6.8CVSS0.00097EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2026/01/29 6:16 p.m.4 views

CVE-2026-24413

Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...

6.8CVSS5.9AI score0.00068EPSS
Exploits0References4
OSV
OSV
added 2026/01/29 6:16 p.m.2 views

UBUNTU-CVE-2026-24413

Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...

6.8CVSS5.8AI score0.00068EPSS
Exploits0References5
CVE
CVE
added 2026/01/29 5:35 p.m.22 views

CVE-2026-24414

The CVE-2026-24414 entry concerns the Icinga PowerShell Framework: prior to versions 1.13.4, 1.12.4, and 1.11.2, the certificate directory permissions grant read access to all users, exposing the host’s Icinga private key. A fix exists in those specific patch versions, and upgrading Icinga for Wi...

6.8CVSS5.9AI score0.00097EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2026/01/29 5:35 p.m.37 views

CVE-2026-24414 Icinga for Windows certificate can have too-open permissions

The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...

6.8CVSS0.00097EPSS
Exploits2References3
Vulnrichment
Vulnrichment
added 2026/01/29 5:35 p.m.4 views

CVE-2026-24414 Icinga for Windows certificate can have too-open permissions

The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...

6.8CVSS5.9AI score0.00097EPSS
Exploits2References3
EUVD
EUVD
added 2026/01/29 5:35 p.m.15 views

EUVD-2026-4963

The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...

6.8CVSS5.9AI score0.00097EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2026/01/29 5:35 p.m.4 views

CVE-2026-24414

The Icinga PowerShell Framework provides configuration and check possibilities to ensure integration and monitoring of Windows environments. In versions prior to 1.13.4, 1.12.4, and 1.11.2, permissions of the Icinga for Windows certificate directory grant every user read access, which results in...

6.8CVSS5.9AI score0.00097EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder