Lucene search
K

76 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.9 views

CVE-2021-28924

Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page...

6.1CVSS6AI score0.09246EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/31 10:7 p.m.7 views

CVE-2023-7319

Nagios Network Analyzer versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Percentile Calculator menu. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

5.4CVSS6.2AI score0.00466EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/31 10:7 p.m.6 views

CVE-2025-34278

Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting XSS vulnerability in the Source Groups page percentile calculator menu. An attacker can supply a malicious payload which is stored by the application and later rendered in the context of other users. When a...

5.4CVSS5.7AI score0.00689EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/10/31 10:7 p.m.4 views

CVE-2025-34280

Nagios Network Analyzer versions prior to 2024R2.0.1 contain a vulnerability in the LDAP certificate management functionality whereby the certificate removal operation fails to apply adequate input sanitation. An authenticated administrator can trigger command execution on the underlying host in...

8.6CVSS8AI score0.01302EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/31 12:30 a.m.6 views

EUVD-2025-37216

Nagios Network Analyzer versions prior to 2024R2.0.1 contain a vulnerability in the LDAP certificate management functionality whereby the certificate removal operation fails to apply adequate input sanitation. An authenticated administrator can trigger command execution on the underlying host in...

8.6CVSS7.5AI score0.01302EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/31 12:30 a.m.6 views

EUVD-2025-37215

Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting XSS vulnerability in the Source Groups page percentile calculator menu. An attacker can supply a malicious payload which is stored by the application and later rendered in the context of other users. When a...

5.1CVSS5.2AI score0.00689EPSS
Exploits0References4
NVD
NVD
added 2025/10/30 10:15 p.m.9 views

CVE-2025-34280

Nagios Network Analyzer versions prior to 2024R2.0.1 contain a vulnerability in the LDAP certificate management functionality whereby the certificate removal operation fails to apply adequate input sanitation. An authenticated administrator can trigger command execution on the underlying host in...

8.6CVSS0.01302EPSS
Exploits0References3
NVD
NVD
added 2025/10/30 10:15 p.m.9 views

CVE-2025-34278

Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting XSS vulnerability in the Source Groups page percentile calculator menu. An attacker can supply a malicious payload which is stored by the application and later rendered in the context of other users. When a...

5.4CVSS0.00689EPSS
Exploits0References3
OSV
OSV
added 2025/10/30 10:15 p.m.4 views

CVE-2025-34278

Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting XSS vulnerability in the Source Groups page percentile calculator menu. An attacker can supply a malicious payload which is stored by the application and later rendered in the context of other users. When a...

5.4CVSS5.6AI score0.00689EPSS
Exploits0References3
OSV
OSV
added 2025/10/30 10:15 p.m.4 views

CVE-2025-34280

Nagios Network Analyzer versions prior to 2024R2.0.1 contain a vulnerability in the LDAP certificate management functionality whereby the certificate removal operation fails to apply adequate input sanitation. An authenticated administrator can trigger command execution on the underlying host in...

7.2CVSS6.4AI score
Exploits0References3
NVD
NVD
added 2025/10/30 10:15 p.m.6 views

CVE-2023-7319

Nagios Network Analyzer versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Percentile Calculator menu. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

5.4CVSS0.00466EPSS
Exploits0References2
OSV
OSV
added 2025/10/30 10:15 p.m.3 views

CVE-2023-7319

Nagios Network Analyzer versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Percentile Calculator menu. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

5.4CVSS5.9AI score0.00466EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/30 9:28 p.m.5 views

CVE-2023-7319 Nagios Network Analyzer < 2024R1 XSS via Percentile Calculator Menu

Nagios Network Analyzer versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Percentile Calculator menu. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

5.1CVSS0.00466EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/30 9:28 p.m.2 views

CVE-2023-7319 Nagios Network Analyzer < 2024R1 XSS via Percentile Calculator Menu

Nagios Network Analyzer versions prior to 2024R1 are vulnerable to cross-site scripting XSS via the Percentile Calculator menu. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

5.1CVSS5.8AI score0.00466EPSS
Exploits0References2
CVE
CVE
added 2025/10/30 9:28 p.m.6 views

CVE-2023-7319

Nagios Network Analyzer versions prior to 2024R1 are affected by a cross-site scripting (XSS) vulnerability in the Percentile Calculator menu. The root cause is insufficient validation or escaping of user-supplied input, which can allow an attacker to inject and execute arbitrary script in a vict...

5.4CVSS5.8AI score0.00466EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/10/30 9:28 p.m.8 views

CVE-2025-34278 Nagios Network Analyzer < 2024R1 Source Groups / Percentile Calculator Menu Stored XSS

Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting XSS vulnerability in the Source Groups page percentile calculator menu. An attacker can supply a malicious payload which is stored by the application and later rendered in the context of other users. When a...

5.1CVSS0.00689EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/10/30 9:28 p.m.3 views

CVE-2025-34278 Nagios Network Analyzer < 2024R1 Source Groups / Percentile Calculator Menu Stored XSS

Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting XSS vulnerability in the Source Groups page percentile calculator menu. An attacker can supply a malicious payload which is stored by the application and later rendered in the context of other users. When a...

5.1CVSS5.3AI score0.00689EPSS
Exploits0References3
CVE
CVE
added 2025/10/30 9:27 p.m.13 views

CVE-2025-34280

The CVE-2025-34280 affects Nagios Network Analyzer versions prior to 2024R2.0.1. The LDAP certificate management feature fails to sanitize inputs, enabling an authenticated administrator to trigger remote code execution on the host within the web application service privileges. Impact is remote c...

8.6CVSS7.7AI score0.01302EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/30 9:27 p.m.2 views

CVE-2025-34280 Nagios Network Analyzer < 2024R2.0.1 RCE in LDAP Certificate Removal Function

Nagios Network Analyzer versions prior to 2024R2.0.1 contain a vulnerability in the LDAP certificate management functionality whereby the certificate removal operation fails to apply adequate input sanitation. An authenticated administrator can trigger command execution on the underlying host in...

8.6CVSS7.7AI score0.01302EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/10/30 9:27 p.m.6 views

CVE-2025-34280 Nagios Network Analyzer < 2024R2.0.1 RCE in LDAP Certificate Removal Function

Nagios Network Analyzer versions prior to 2024R2.0.1 contain a vulnerability in the LDAP certificate management functionality whereby the certificate removal operation fails to apply adequate input sanitation. An authenticated administrator can trigger command execution on the underlying host in...

8.6CVSS0.01302EPSS
Exploits0References3
Rows per page
Query Builder