CVE-2025-64998

Exposure of session signing secret in Checkmk 2.4.0p23, 2.3.0p45 and 2.2.0 allows an administrator of a remote site with config sync enabled to hijack sessions on the central site by forging session cookies...

CVE-2025-64998

Exposure of session signing secret in Checkmk 2.4.0p23, 2.3.0p45 and 2.2.0 allows an administrator of a remote site with config sync enabled to hijack sessions on the central site by forging session cookies...

CVE-2025-64998 Session hijacking via exposed session signing secret in distributed Checkmk setups

Exposure of session signing secret in Checkmk 2.4.0p23, 2.3.0p45 and 2.2.0 allows an administrator of a remote site with config sync enabled to hijack sessions on the central site by forging session cookies...

CVE-2025-39663

Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...

UBUNTU-CVE-2025-39663

Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...

Security Bulletin: Tivoli Netcool Service Quality Manager is affected by the vulnerabilities in the IBM JRE and Tivoli Directory Server

Summary Tivoli Netcool Service Quality Manager is affected by the vulnerabilities in the IBM Java Runtime Environment Java Technology Edition, Version 5.0 and the IBM Tivoli Directory Server Vulnerability Details CVE-ID: CVE-2014-3065 DESCRIPTION: IBM Java SDK contains a vulnerability in which th...