Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/18 12:0 a.m.4 views

Devolutions Server <= 2026.1.21 / 2026.2.0 <= 2026.2.5 Multiple Vulnerabilities (DEVO-2026-0017)

The version of Devolutions Server installed on the remote host is prior or equal to 2026.1.21 or 2026.2.0 prior or equal to 2026.2.5. It is, therefore, affected by multiple vulnerabilities, including: - Improper access control in PAM account discovery results in Devolutions Server 2026.2.5,...

6.5CVSS5.9AI score0.00201EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/16 9:32 p.m.10 views

EUVD-2026-37200

Improper access control in PAM account discovery results in Devolutions Server 2026.2.5, 2026.1.21 allows an authenticated user to retrieve account discovery scan results...

5.2AI score0.00162EPSS
Exploits0References2
CVE
CVE
added 2026/06/16 6:24 p.m.12 views

CVE-2026-11890

The CVE-2026-11890 entry concerns Devolutions Server versions 2026.1.21 and 2026.2.5, where improper access control in PAM account discovery allows an authenticated user to retrieve account discovery scan results. The connected documents confirm affected software and the root cause (in PAM accoun...

4.3CVSS5.3AI score0.00162EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/10/31 10:7 p.m.8 views

CVE-2013-10072

Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...

7.2CVSS6.8AI score0.00688EPSS
Exploits0References1
NVD
NVD
added 2025/10/30 10:15 p.m.7 views

CVE-2013-10072

Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...

7.2CVSS0.00688EPSS
Exploits0References2
CVE
CVE
added 2025/10/30 9:32 p.m.11 views

CVE-2013-10072

Summary: CVE-2013-10072 affects Nagios XI versions before 2012R1.6, with an authorization flaw in the Auto-Discovery feature. The issue allows users with read-only roles to directly access Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and ...

7.2CVSS6.4AI score0.00688EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/10/30 9:32 p.m.4 views

CVE-2013-10072 Nagios XI < 2012R1.6 Auto-Discovery Missing Authorization

Nagios XI versions prior to 2012R1.6 contain an authorization flaw in the Auto-Discovery functionality. Users with read-only roles could directly reach Auto-Discovery endpoints and pages that should require elevated permissions, exposing discovery results and allowing unintended access to discove...

7.2CVSS6.4AI score0.00688EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-54145

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the getdiscoveryresults function of...

8.8CVSS8.3AI score0.00657EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2025/02/03 12:0 a.m.6 views

The vulnerability of the get_discovery_results() function in the Cacti network monitoring software allows a hacker to execute arbitrary code.

The vulnerability of the getdiscoveryresults function in the Cacti network monitoring software is related to the lack of security measures for the SQL query structure. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

6.5CVSS8.2AI score0.00657EPSS
Exploits1References3Affected Software1
SUSE CVE
SUSE CVE
added 2025/01/28 12:21 a.m.4 views

SUSE CVE-2024-54145

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the getdiscoveryresults function of automationdevices.php using the network parameter. This vulnerability is fixed in 1.2.29...

8.8CVSS8.1AI score0.00657EPSS
Exploits1References3
OSV
OSV
added 2025/01/27 5:15 p.m.2 views

DEBIAN-CVE-2024-54145

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the getdiscoveryresults function of automationdevices.php using the network parameter. This vulnerability is fixed in 1.2.29...

8.8CVSS8.7AI score0.00657EPSS
Exploits1References1
OSV
OSV
added 2025/01/27 5:15 p.m.1 views

UBUNTU-CVE-2024-54145

Cacti is an open source performance and fault management framework. Cacti has a SQL injection vulnerability in the getdiscoveryresults function of automationdevices.php using the network parameter. This vulnerability is fixed in 1.2.29...

8.8CVSS7.4AI score0.00657EPSS
Exploits1References4
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.4 views

Cacti SQL注入漏洞

Cacti is a suite of open source network traffic monitoring and analysis tools from the Cacti team. The tool obtains data via snmpget, analyzes it using RRDtool drawing graphs, and provides data and user management features. Cacti suffers from a SQL injection vulnerability that stems from improper...

8.8CVSS9.3AI score0.00657EPSS
Exploits1References3
Rows per page
Query Builder