Linux Distros Unpatched Vulnerability : CVE-2017-11507

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross site scripting XSS vulnerability exists in CheckMK versions 1.2.8x prior to 1.2.8p25 and 1.4.0x prior to 1.4.0p9, allowing an unauthenticated attacker t...

CVE-2025-58124 Lack of TLS validation in plugin check-mk-api on Checkmk Exchange

Improper Certificate Validation in Checkmk Exchange plugin check-mk-api allows attackers in MitM position to intercept traffic...

Checkmk Exchange plugin check-mk-api 安全漏洞

Checkmk Exchange plugin check-mk-api is a plugin from Checkmk, Inc. A security vulnerability exists in Checkmk Exchange plugin check-mk-api, which stems from improper certificate validation and could lead to a man-in-the-middle attacker intercepting traffic...

CVE-2024-38864

Incorrect permissions on the Checkmk Windows Agent's data directory in Checkmk 2.3.0p23, 2.2.0p38 and = 2.1.0p49 EOL allows a local attacker to read sensitive data...

Check MK 1.6.x < 2.2.0b1, 2.3.x < 2.3.0b1 Certification Validation Vulnerability

Check MK is prone to a certification validation vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:checkmk:checkmk"; ...

Ubuntu: Security Advisory (USN-5527-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Check MK 1.6.0x < 1.6.0p19 XSS Vulnerability

Check MK is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:checkmk:checkmk"; ...

Check MK 1.6 < 1.6.0p28, 2.0.x < 2.0.0p20 Multiple Vulnerabilities

Check MK is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:checkmk:checkmk"; if description...

Check MK 2.0.x < 2.0.0p20 XSS Vulnerability

Check MK is prone to a cross-site scripting XSS vulnerability in custom user attributes. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Check MK Agent < 1.6.0p17 Privilege Escalation Vulnerability

Check MK Agent is prone to a privilege escalation vulnerability on Windows. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Check MK < 1.6.0p25, 2.0.x < 2.0.0p4 XSS Vulnerability

Check MK is prone to a cross-site scripting XSS vulnerability in the management web console. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CP...

Improper Access Control

Red Hat Gluster Storage is a software only scale-out storage solution that provides flexible and affordable unstructured data storage. It unifies data storage and infrastructure, increases performance, and improves availability and manageability to meet enterprise-level storage challenges. Red Ha...

CVE-2014-0243

CheckMK through 1.2.5i2p1 allows local users to read arbitrary files via a symlink attack to a file in /var/lib/checkmkagent/job...

Fedora 27 : check-mk (2017-79b7fd1b4d)

Security fix for CVE-2017-1495 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...

Fedora Update for check-mk FEDORA-2017-6bbb922009

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for check-mk FEDORA-2017-9f36da1aac

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 25 : check-mk (2017-6bbb922009)

Security fix for CVE-2017-1495 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...

[SECURITY] Fedora 25 Update: check-mk-1.2.8p26-1.fc25

check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a new approach for collecting data from operating systems and network compone nts. It obsoletes NRPE, checkbyssh, NSClient, and checksnmp and it has many benefits, the most important are a significant reduction of CPU usag...

[SECURITY] Fedora 27 Update: check-mk-1.2.8p26-1.fc27

check-mk is a general purpose Nagios-plugin for retrieving data. It adopts a new approach for collecting data from operating systems and network compone nts. It obsoletes NRPE, checkbyssh, NSClient, and checksnmp and it has many benefits, the most important are a significant reduction of CPU usag...

UBUNTU-CVE-2017-14955

CheckMK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to obtain sensitive user information by reading a GUI crash report...