12 matches found
EUVD-2025-10484
Malicious code in bioql PyPI...
EUVD-2022-51017
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-31208
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk 2.0.0p36, 2.1.0p28, and 2.2.0b8 beta allows arbitrary livestatus command...
CVE-2025-32918
Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions 2.4.0p6, 2.3.0p35, 2.2.0p44, and 2.1.0 EOL allows an authenticated user to inject arbitrary Livestatus commands...
CVE-2025-32918 Livestatus injection in autocomplete endpoint
Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions 2.4.0p6, 2.3.0p35, 2.2.0p44, and 2.1.0 EOL allows an authenticated user to inject arbitrary Livestatus commands...
CVE-2025-32918 Livestatus injection in autocomplete endpoint
Improper neutralization of Livestatus command delimiters in autocomplete endpoint within the RestAPI of Checkmk versions 2.4.0p6, 2.3.0p35, 2.2.0p44, and 2.1.0 EOL allows an authenticated user to inject arbitrary Livestatus commands...
CVE-2022-48317
Expired sessions were not securely terminated in the RestAPI for Tribe29's Checkmk <= 2.1.0p10 and Checkmk <= 2.0.0p28 allowing an attacker to use expired session tokens when communicating with the RestAPI...
CVE-2024-38865 Livestatus command injection in RestAPI
Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 EOL allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for ...
CVE-2024-38865 Livestatus command injection in RestAPI
Improper neutralization of livestatus command delimiters in a specific endpoint within RestAPI of Checkmk prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 EOL allows arbitrary livestatus command execution. Exploitation requires the attacker to have a contact group assigned to their user account and for ...
CVE-2024-38865
CVE-2024-38865 affects Checkmk RestAPI: an improper neutralization of livestatus command delimiters in a specific endpoint allows arbitrary livestatus command execution. Affected versions are prior to 2.2.0p39, 2.3.0p25, and 2.1.0p51 (EOL). Exploitation requires the attacker to belong to a contac...
UBUNTU-CVE-2023-22348
Improper Authorization in RestAPI in Checkmk GmbH's Checkmk versions 2.1.0p28 and 2.2.0b8 allows remote authenticated users to read arbitrary hostconfigs...
CVE-2023-31208
Improper neutralization of livestatus command delimiters in the RestAPI in Checkmk 2.0.0p36, 2.1.0p28, and 2.2.0b8 beta allows arbitrary livestatus command execution for authorized users...