2393 matches found
GHSA-CXQ7-XW9V-RCV3 vulnerabilities
Vulnerabilities for packages: falcoctl-fips, wire-go, velero-plugin-for-microsoft-azure, velero-plugin-for-csi, secrets-store-csi-driver-provider-aws-fips, prometheus-podman-exporter, cloud-provider-gcp-cloud-controller-manager-fips, falcosidekick-fips, kubernetes-dashboard-auth-fips,...
GHSA-9GCR-GP5F-JW27 vulnerabilities
Vulnerabilities for packages: falcoctl-fips, wire-go, velero-plugin-for-microsoft-azure, velero-plugin-for-csi, secrets-store-csi-driver-provider-aws-fips, prometheus-podman-exporter, cloud-provider-gcp-cloud-controller-manager-fips, falcosidekick-fips, kubernetes-dashboard-auth-fips,...
Cisco IOS XE Software Simple Network Management Protocol DoS (cisco-sa-snmpwred-x3MJyf5M)
According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affected...
Security Bulletin: Multiple vulnerabilities in IBM DataPower OS kernel resulting in Denial of Service
Summary The following kernel issues may result in an unexpected device reload. Vulnerability Details CVEID:CVE-2024-42292 DESCRIPTION: In the Linux kernel, the following vulnerability has been resolved: kobjectuevent: Fix OOB access within zapmodaliasenv zapmodaliasenv wrongly calculates size of...
SUSE CVE-2025-61909
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
CVE-2025-61909
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
CVE-2025-61909
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
CVE-2025-61909
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
UBUNTU-CVE-2025-61909
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
EUVD-2025-34791
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
CVE-2025-61909
CVE-2025-61909 affects Icinga 2: from 2.10.0 up to but not including 2.15.1, and also affected 2.14.7 and 2.13.13, the safe-reload script (used during icinga2 reload) and the logrotate config read the main Icinga 2 process PID from a PID file writable by the daemon user, but send signals as root....
CVE-2025-61909 Icinga 2 signals sent as root to processes based on PID file written by the Icinga 2 daemon user
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
CVE-2025-61909 Icinga 2 signals sent as root to processes based on PID file written by the Icinga 2 daemon user
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
CVE-2025-61909 Icinga 2 signals sent as root to processes based on PID file written by the Icinga 2 daemon user
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
CVE-2025-5946
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Centreon Infra Monitoring Poller reload setup in the configuration modules allows OS Command Injection. On the poller parameters page, a user with high privilege is able to concatenate custom...
SUSE-SU-2025:20846-1 Security update for chrony
This update for chrony fixes the following issues: - Update to version 4.8: Add maxunreach option to limit selection of unreachable sources Add -u option to chronyc to drop root privileges default chronyc user is set by configure script Fix refclock extpps option to work on Linux = 6.15 Validate...
CVE-2025-5946
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Centreon Infra Monitoring Poller reload setup in the configuration modules allows OS Command Injection. On the poller parameters page, a user with high privilege is able to concatenate custom...
CVE-2025-5946 RCE via the poller reload feature available only to user with high privilege
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Centreon Infra Monitoring Poller reload setup in the configuration modules allows OS Command Injection. On the poller parameters page, a user with high privilege is able to concatenate custom...
EUVD-2025-34208
Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Centreon Infra Monitoring Poller reload setup in the configuration modules allows OS Command Injection. On the poller parameters page, a user with high privilege is able to concatenate custom...
CVE-2025-5946
Centreon Infra Monitoring has a high-severity OS Command Injection vulnerability (CVE-2025-5946) affecting the poller reload feature. A user with high privileges on the Centreon Web UI can inject commands via the broker engine reload parameter, triggering potential remote code execution. Public d...