Lucene search
K

153 matches found

CNNVD
CNNVD
added 2025/04/01 12:0 a.m.6 views

Nagios Network Analyzer 授权问题漏洞

Nagios Network Analyzer is an enterprise solution for monitoring and analyzing network traffic from Nagios, Inc. An authorization issue vulnerability exists in Nagios Network Analyzer version 2024R1.0.3, which stems from improper access control that allows a low-privileged user to perform...

4.6CVSS6.7AI score0.00383EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/04/01 12:0 a.m.12 views

CVE-2025-28131

A Broken Access Control vulnerability in Nagios Network Analyzer 2024R1.0.3 allows low-privilege users with "Read-Only" access to perform administrative actions, including stopping system services and deleting critical resources. This flaw arises due to improper authorization enforcement, enablin...

0.00383EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/04/01 12:0 a.m.5 views

PT-2025-14370 · Nagios · Nagios Network Analyzer

Name of the Vulnerable Software and Affected Versions: Nagios Network Analyzer version 2024R1.0.3 Description: A Broken Access Control issue allows low-privilege users with "Read-Only" access to perform administrative actions, including stopping system services and deleting critical resources. Th...

4.6CVSS6.3AI score0.00383EPSS
Exploits0References9
Redos
Redos
added 2024/06/06 12:0 a.m.28 views

ROS-20240606-03

Vulnerability of handlechopping function of Wireshark computer network traffic analyzer is related to a memory handling issue in EditCap. memory handling issue in EditCap. Exploitation of the vulnerability could allow an attacker to cause a denial of denial of service Vulnerability in MONGO and...

7.8CVSS7.1AI score0.01403EPSS
Exploits3
CNNVD
CNNVD
added 2023/10/12 12:0 a.m.4 views

Scrutinizer NetFlow & sFlow Analyzer Log Information Disclosure Vulnerability

Plixer Scrutinizer NetFlow & sFlow Analyzer is a network traffic analysis system from Plixer, USA. The system provides traffic monitoring, context forensics, and security analysis. A security vulnerability exists in Scrutinizer NetFlow & sFlow Analyzer versions prior to 19.3.1, which stems from a...

3.7CVSS6.8AI score0.00413EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2021/12/09 12:0 a.m.5 views

The vulnerability of the communication standard set for IEEE 802.11 by the computer network traffic analyzer Wireshark allows a hacker to cause a service failure.

The vulnerability of the IEEE 802.11 communication standard set for computer network traffic analyzers like Wireshark is related to pointer arithmetic errors. Exploiting this vulnerability allows a malicious actor to cause service interruptions by injecting specially crafted packets...

7.8CVSS6.8AI score0.05501EPSS
Exploits1References5Affected Software2
Check Point Advisories
Check Point Advisories
added 2021/04/27 12:0 a.m.4 views

Nagios Network Analyzer Cross-Site Scripting (CVE-2021-28924)

A cross-site scripting vulnerability exists in Nagios Network Analyzer. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

4.3CVSS4.7AI score0.09246EPSS
Exploits1
Check Point Advisories
Check Point Advisories
added 2021/04/21 12:0 a.m.4 views

Nagios Network Analyzer SQL Injection (CVE-2021-28925)

An SQL injection vulnerability exists in Nagios Network Analyzer. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.2AI score0.04217EPSS
Exploits1
CNVD
CNVD
added 2021/04/09 12:0 a.m.8 views

Nagios Network Analyzer SQL Injection Vulnerability

Nagios Network Analyzer is a network data flow analyzer that provides a view of all network traffic and bandwidth utilization. A SQL injection vulnerability exists in Nagios Network Analyzer versions prior to 2.4.3. The vulnerability can be exploited to read sensitive data from the database and...

9.8CVSS7.4AI score0.04217EPSS
Exploits1References1
CNVD
CNVD
added 2021/04/09 12:0 a.m.9 views

Nagios Network Analyzer Self-XSS Vulnerability

Nagios Network Analyzer is a network data flow analyzer that provides a view of all network traffic and bandwidth utilization. A Self-XSS vulnerability exists in Nagios Network Analyzer versions prior to 2.4.2. An attacker can exploit this vulnerability to conduct cross-site scripting attacks via...

6.1CVSS6AI score0.09246EPSS
Exploits1References1
OSV
OSV
added 2021/04/08 1:15 p.m.5 views

CVE-2021-28924

Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page...

6.1CVSS6.4AI score0.09246EPSS
Exploits1References2
OSV
OSV
added 2021/04/08 1:15 p.m.2 views

CVE-2021-28925

SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the ocol parameter to api/checks/read/...

9.8CVSS5.8AI score0.04217EPSS
Exploits1References2
NVD
NVD
added 2021/04/08 1:15 p.m.20 views

CVE-2021-28925

SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the ocol parameter to api/checks/read/...

9.8CVSS0.04217EPSS
Exploits1References2
NVD
NVD
added 2021/04/08 1:15 p.m.16 views

CVE-2021-28924

Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page...

6.1CVSS0.09246EPSS
Exploits1References2
Prion
Prion
added 2021/04/08 1:15 p.m.15 views

Sql injection

SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the ocol parameter to api/checks/read/...

7.5CVSS9.7AI score0.04217EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2021/04/08 1:15 p.m.24 views

Code injection

Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page...

4.3CVSS6AI score0.09246EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/04/08 12:57 p.m.27 views

CVE-2021-28924

Self Authenticated XSS in Nagios Network Analyzer before 2.4.2 via the nagiosna/groups/queries page...

6.1AI score0.09246EPSS
Exploits1References2
CVE
CVE
added 2021/04/08 12:57 p.m.50 views

CVE-2021-28924

CVE-2021-28924 affects Nagios Network Analyzer prior to 2.4.2. The issue is a Self Authenticated XSS in the nagiosna/groups/queries page. The vulnerability is a client-side scripting flaw that can be triggered by an authenticated user interacting with the affected page, potentially leading to arb...

6.1CVSS5.9AI score0.09246EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2021/04/08 12:57 p.m.20 views

CVE-2021-28925

SQL injection vulnerability in Nagios Network Analyzer before 2.4.3 via the ocol parameter to api/checks/read/...

10AI score0.04217EPSS
Exploits1References2
CVE
CVE
added 2021/04/08 12:57 p.m.47 views

CVE-2021-28925

Nagios Network Analyzer prior to version 2.4.3 contains a SQL injection vulnerability in the o[col] parameter of api/checks/read/. The issue is due to improper input handling that allows arbitrary SQL execution, potentially enabling an attacker to read and modify database data. Multiple sources c...

9.8CVSS9.7AI score0.04217EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder