Lucene search
K

74 matches found

Prion
Prion
added 2019/09/09 1:15 p.m.15 views

Sql injection

An issue was discovered in LibreNMS through 1.47. The scripts that handle the graphing options html/includes/graphs/common.inc.php and html/includes/graphs/graphs.inc.php do not sufficiently validate or encode several fields of user supplied input. Some parameters are filtered with...

7.5CVSS8.9AI score0.01482EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/09/09 1:2 p.m.37 views

CVE-2019-12463

An issue was discovered in LibreNMS 1.50.1. The scripts that handle graphing options includes/html/graphs/common.inc.php and includes/html/graphs/graphs.inc.php do not sufficiently validate or encode several fields of user supplied input. Some parameters are filtered with mysqlirealescapestring,...

9.7AI score0.01392EPSS
Exploits1References1
0day.today
0day.today
added 2019/09/09 12:0 a.m.32 views

LibreNMS Collectd Command Injection Exploit

This Metasploit module exploits a command injection vulnerability in the Collectd graphing functionality in LibreNMS. The to and from parameters used to define the range for a graph are sanitized using the mysqliescaperealstring function, which permits backticks. These parameters are used as part...

7.2CVSS0.4AI score0.80662EPSS
Exploits5
CNVD
CNVD
added 2019/09/09 12:0 a.m.3 views

LibreNMS Command Injection Vulnerability

LibreNMS is an open source network monitoring system based on PHP and MySQL. The system features customizable alerts , auto-discovery of the network environment and automatic updates . A command injection vulnerability exists in the Collectd graphing feature in LibreNMS, which can be exploited by...

7.2CVSS7.9AI score0.80662EPSS
Exploits5References1
Fedora
Fedora
added 2017/03/10 2:51 p.m.25 views

[SECURITY] Fedora 24 Update: munin-2.0.30-5.fc24

Munin is a highly flexible and powerful solution used to create graphs of virtually everything imaginable throughout your network, while still maintaining a rattling ease of installation and configuration. This package contains the grapher/gatherer. You will only need one instance of it in your...

5.5CVSS0.3AI score0.00421EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/03/03 3:5 p.m.32 views

USN-3215-2: Munin regression

USN-3215-1 fixed a vulnerability in Munin. The upstream patch caused a regression leading to errors being appended to the log file. This update fixes the problem. Original advisory details: It was discovered that Munin incorrectly handled CGI graphs. A remote attacker could use this issue to...

5.6AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2017/02/27 12:0 a.m.26 views

Debian DLA-836-2 : munin regression update

The update for munin issued as DLA-836-1 caused a regression in the zooming functionality in munin-cgi-graph. Updated packages are now available to correct this issue. For reference, the original advisory text follows. Stevie Trujillo discovered a command injection vulnerability in munin, a...

5.9AI score
Exploits0References2
Debian
Debian
added 2017/02/25 5:7 p.m.17 views

[SECURITY] [DLA 836-1] munin security update

Package : munin Version : 2.0.6-4+deb7u3 CVE ID : CVE-2017-6188 Debian Bug : 855705 Stevie Trujillo discovered a command injection vulnerability in munin, a network-wide graphing framework. The CGI script for drawing graphs allowed to pass arbitrary GET parameters to local shell command, allowing...

5.5CVSS5.9AI score0.00421EPSS
Exploits0
OpenVAS
OpenVAS
added 2017/02/25 12:0 a.m.16 views

Debian Security Advisory DSA 3794-1 (munin - security update)

Stevie Trujillo discovered a local file write vulnerability in munin, a network-wide graphing framework, when CGI graphs are enabled. GET parameters are not properly handled, allowing to inject options into munin-cgi-graph and overwriting any file accessible by the user running the cgi-process...

1.9CVSS5.3AI score0.00421EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2017/02/24 12:0 a.m.14 views

Debian: Security Advisory (DSA-3794-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.5CVSS5.5AI score0.00421EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/06/25 12:0 a.m.30 views

Debian DSA-3295-1 : cacti - security update

Several vulnerabilities cross-site scripting and SQL injection have been discovered in Cacti, a web interface for graphing of monitoring systems. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisor...

7.5CVSS7.9AI score0.03227EPSS
Exploits0References7
Fedora
Fedora
added 2014/04/07 3:26 a.m.30 views

[SECURITY] Fedora 19 Update: munin-2.0.20-1.fc19

Munin is a highly flexible and powerful solution used to create graphs of virtually everything imaginable throughout your network, while still maintaining a rattling ease of installation and configuration. This package contains the grapher/gatherer. You will only need one instance of it in your...

5CVSS0.3AI score0.02502EPSS
Exploits0
Gentoo Linux
Gentoo Linux
added 2014/01/21 12:0 a.m.47 views

Cacti: Multiple vulnerabilities

Background Cacti is a complete network graphing solution designed to harness the power of RRDTool’s data storage and graphing functionality. Description Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details. Impact A remote attacker...

7.5CVSS9.7AI score0.04309EPSS
Exploits3
Fedora
Fedora
added 2013/12/16 11:2 p.m.33 views

[SECURITY] Fedora 19 Update: munin-2.0.19-1.fc19

Munin is a highly flexible and powerful solution used to create graphs of virtually everything imaginable throughout your network, while still maintaining a rattling ease of installation and configuration. This package contains the grapher/gatherer. You will only need one instance of it in your...

5CVSS0.3AI score0.02502EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/12/10 12:0 a.m.32 views

Debian DSA-2815-1 : munin - denial of service

Christoph Biedl discovered two denial of service vulnerabilities in munin, a network-wide graphing framework. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2013-6048 The Munin::Master::Node module of munin does not properly validate certain data a node...

5CVSS5.5AI score0.02502EPSS
Exploits0References6
Debian
Debian
added 2013/12/09 10:14 p.m.25 views

[SECURITY] [DSA 2815-1] munin security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2815-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 09, 2013 http://www.debian.org/security/faq -...

5CVSS6.6AI score0.02502EPSS
Exploits0
OpenVAS
OpenVAS
added 2013/12/09 12:0 a.m.27 views

Debian Security Advisory DSA 2815-1 (munin - denial of service)

Christoph Biedl discovered two denial of service vulnerabilities in munin, a network-wide graphing framework. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2013-6048 The Munin::Master::Node module of munin does not properly validate certain data a node...

5CVSS6.6AI score0.02502EPSS
Exploits0References1
OSV
OSV
added 2013/12/09 12:0 a.m.24 views

DSA-2815-1 munin - denial of service

Bulletin has no description...

5CVSS5.9AI score0.02502EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/09/05 12:0 a.m.31 views

Cacti < 0.8.8b Command and SQL Injections

Binary data 8004.prm...

7.5CVSS7.3AI score0.02391EPSS
Exploits0References4
Fedora
Fedora
added 2013/08/15 2:49 a.m.30 views

[SECURITY] Fedora 18 Update: smokeping-2.6.9-1.fc18

SmokePing is a latency logging and graphing system. It consists of a daemon process which organizes the latency measurements and a CGI which presents the graphs...

6.1CVSS2AI score0.0134EPSS
Exploits0
Rows per page
Query Builder