CVE-2021-33178

The Manage Backgrounds functionality within NagVis versions prior to 1.9.29 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a malicious actor having the ability to arbitrarily delete files on the local system...

CVE-2025-39665

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...

Linux Distros Unpatched Vulnerability : CVE-2025-39665

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames. CVE-2025-39665 Note...

CVE-2025-39665

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...

DEBIAN-CVE-2025-39665

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...

CVE-2025-39665

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...

UBUNTU-CVE-2025-39665

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...

CVE-2025-39665

NagVis Checkmk MultisiteAuth vulnerability CVE-2025-39665 affects versions before 1.9.48. An unauthenticated attacker can enumerate Checkmk usernames via user enumeration in the multisite authentication flow. Public references point to NagVis 1.9.48 as the fix. Impact details are limited to usern...

EUVD-2025-200737

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...

CVE-2025-39665 Livestatus Injection in dynmaps

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...

CVE-2025-39665

User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...

PT-2025-48802

Name of the Vulnerable Software and Affected Versions Nagvis Checkmk MultisiteAuth versions prior to 1.9.48 Description An unauthenticated attacker can enumerate Checkmk usernames. This issue affects the user enumeration functionality within the software. Recommendations Update to version 1.9.48 ...

NagVis 安全漏洞

NagVis is a program from NagVis open source. Used to visualize your chosen monitoring core data in a user-friendly way. A security vulnerability exists in NagVis versions prior to 1.9.48 that stems from an unauthenticated attacker being able to enumerate usernames...

CVE-2024-14002

Nagios XI versions prior to 2024R1.1.4 contain a local file inclusion LFI vulnerability via its NagVis integration. An authenticated user can supply crafted path values that cause the server to include local files, potentially exposing sensitive information from the underlying host...

CVE-2024-14004

Nagios XI versions prior to 2024R1.2 contain a privilege escalation vulnerability related to NagVis configuration handling nagvis.conf. An authenticated user could manipulate NagVis configuration data or leverage insufficiently validated configuration settings to obtain elevated privileges on the...

EUVD-2024-55052

Nagios XI versions prior to 2024R1.2 contain a privilege escalation vulnerability related to NagVis configuration handling nagvis.conf. An authenticated user could manipulate NagVis configuration data or leverage insufficiently validated configuration settings to obtain elevated privileges on the...

EUVD-2024-55055

Nagios XI versions prior to 2024R1.1.4 contain a local file inclusion LFI vulnerability via its NagVis integration. An authenticated user can supply crafted path values that cause the server to include local files, potentially exposing sensitive information from the underlying host...

CVE-2024-14004

Nagios XI versions prior to 2024R1.2 contain a privilege escalation vulnerability related to NagVis configuration handling nagvis.conf. An authenticated user could manipulate NagVis configuration data or leverage insufficiently validated configuration settings to obtain elevated privileges on the...

CVE-2024-14004

Nagios XI versions prior to 2024R1.2 contain a privilege escalation vulnerability related to NagVis configuration handling nagvis.conf. An authenticated user could manipulate NagVis configuration data or leverage insufficiently validated configuration settings to obtain elevated privileges on the...

CVE-2024-14002

Nagios XI versions prior to 2024R1.1.4 contain a local file inclusion LFI vulnerability via its NagVis integration. An authenticated user can supply crafted path values that cause the server to include local files, potentially exposing sensitive information from the underlying host...