CVE-2024-47091

Privilege escalation in the mkmysql agent plugin on Windows in Checkmk 2.4.0p29, 2.3.0p47, and 2.2.0 EOL allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' or with write access to a binary referenced by such a service to execute arbitrary cod...

Exploit for Uncontrolled Search Path Element in Checkmk

CVE-2024-0...

CVE-2025-32919

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 EOL...

EUVD-2025-33350

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 EOL...

CVE-2025-32919 Privilege Escalation in Windows License plugin for Checkmk Windows Agent

Use of an insecure temporary directory in the Windows License plugin for the Checkmk Windows Agent allows Privilege Escalation. This issue affects Checkmk: from 2.4.0 before 2.4.0p13, from 2.3.0 before 2.3.0p38, from 2.2.0 before 2.2.0p46, and all versions of 2.1.0 EOL...

EUVD-2024-17469

Malicious code in bioql PyPI...

EUVD-2024-25910

Malicious code in bioql PyPI...

EUVD-2022-46443

Malicious code in bioql PyPI...

EUVD-2024-16430

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2022-43440

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site use...

Linux Distros Unpatched Vulnerability : CVE-2024-28824

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Least privilege violation and reliance on untrusted inputs in the mkinformix Checkmk agent plugin before Checkmk 2.3.0b4 beta, 2.2.0p24, 2.1.0p41 and 2.0.0 EOL...

Linux Distros Unpatched Vulnerability : CVE-2024-0638

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Least privilege violation in the Checkmk agent plugins mkoracle, mkoracle.ps1, and mkoraclecrs before Checkmk 2.3.0b4 beta, 2.2.0p24, 2.1.0p41 and 2.0.0 EOL...

Linux Distros Unpatched Vulnerability : CVE-2024-1742

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Invocation of the sqlplus command with sensitive information in the command line in the mkoracle Checkmk agent plugin before Checkmk 2.3.0b4 beta, 2.2.0p24,...

CVE-2024-28829

Least privilege violation and reliance on untrusted inputs in the mkinformix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 EOL allows local users to escalate privileges...

CVE-2024-1742

Invocation of the sqlplus command with sensitive information in the command line in the mkoracle Checkmk agent plugin before Checkmk 2.3.0b4 beta, 2.2.0p24, 2.1.0p41 and 2.0.0 EOL allows the extraction of this information from the process list...

CVE-2023-6735

Privilege escalation in mktsm agent plugin in Checkmk before 2.2.0p18, 2.1.0p38 and 2.0.0p39 allows local user to escalate privileges...

CVE-2022-43440

Uncontrolled Search Path Element in Checkmk Agent in Tribe29 Checkmk before 2.1.0p1, before 2.0.0p25 and before 1.6.0p29 on a Checkmk server allows the site user to escalate privileges via a manipulated unixcat executable...

CVE-2024-28824

Least privilege violation and reliance on untrusted inputs in the mkinformix Checkmk agent plugin before Checkmk 2.3.0b4 beta, 2.2.0p24, 2.1.0p41 and 2.0.0 EOL allows local users to escalate privileges...

CVE-2024-0638

Least privilege violation in the Checkmk agent plugins mkoracle, mkoracle.ps1, and mkoraclecrs before Checkmk 2.3.0b4 beta, 2.2.0p24, 2.1.0p41 and 2.0.0 EOL allows local users to escalate privileges...

CVE-2024-28829

Least privilege violation and reliance on untrusted inputs in the mkinformix Checkmk agent plugin before Checkmk 2.3.0p12, 2.2.0p32, 2.1.0p47 and 2.0.0 EOL allows local users to escalate privileges...