40 matches found
EUVD-2016-3397
Malware in sbrugna...
EUVD-2005-1527
Malware in sbrugna...
EUVD-2017-7844
Malware in sbrugna...
EUVD-2018-2142
Malware in sbrugna...
EUVD-2024-29333
Malicious code in bioql PyPI...
CVE-2025-26520
Cacti through 1.2.29 allows SQL injection in the template function in host_templates.php via the graph_template parameter. NOTE: this issue exists because of an incomplete fix for CVE-2024-54146...
[SECURITY] [DLA 4048-1] cacti security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-4048-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès February 10, 2025 https://wiki.debian.org/LTS -...
[SECURITY] [DSA 5862-1] cacti security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5862-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 10, 2025 https://www.debian.org/security/faq -...
Debian dsa-5862 : cacti - security update
The remote Debian 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5862 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5862-1 [email protected] https://www.debian.org/securit...
CVE-2024-29895
Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary commands on the server when the register_argc_argv option of PHP is On. In cmd_realtime.php line 119, the $poller_id used ...
Critical Cacti Security Flaw (CVE-2025-22604) Enables Remote Code Execution
A critical security flaw has been disclosed in the Cacti open-source network monitoring and fault management framework that could allow an authenticated attacker to achieve remote code execution on susceptible instances. The flaw, tracked as CVE-2025-22604, carries a CVSS score of 9.1 out of a...
CVE-2025-24368
Cacti is an open source performance and fault management framework. Some of the data stored in automation_tree_rules.php is not thoroughly checked and is used to concatenate the SQL statement in the build_rule_item_filter function from lib/api_automation.php, resulting in SQL injection. This vulnerability ...
CVE-2025-24368 Cacti has a SQL Injection vulnerability when using tree rules through Automation API
Cacti is an open source performance and fault management framework. Some of the data stored in automation_tree_rules.php is not thoroughly checked and is used to concatenate the SQL statement in the build_rule_item_filter function from lib/api_automation.php, resulting in SQL injection. This vulnerability ...
Fedora 37 : cacti / cacti-spine (2022-b2be5ddbb8)
The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2022-b2be5ddbb8 advisory. - Update to 1.2.22 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
[SECURITY] [DLA 3884-1] cacti security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3884-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès September 09, 2024 https://wiki.debian.org/LTS -...
OPENSUSE-SU-2024:12593-1 cacti-1.2.23-1.1 on GA media
These are all security issues fixed in the cacti-1.2.23-1.1 package on the GA media of openSUSE Tumbleweed...
DSA-5646-1 cacti - security update
Bulletin has no description...
CVE-2023-49088
Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in...
CVE-2023-37543
Cacti before 1.2.6 allows IDOR (Insecure Direct Object Reference) for accessing any graph via a modified local_graph_id parameter to graph_xport.php. This is a different vulnerability than CVE-2019-16723...
OPENSUSE-SU-2022:0145-1 Security update for cacti, cacti-spine
This update for cacti, cacti-spine fixes the following issues: cacti-spine was updated to 1.2.20: Add support for newer versions of MySQL/MariaDB When checking for uptime of device, don't assume a non-response is always fatal Fix description and command truncation issues Improve spine performanc...