PT-2025-44462

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.6.14 Description Nagios XI versions prior to 5.6.14 have an authenticated remote command execution issue in the command test.php script within the Core Config Manager CCM. A lack of proper validation of the addres...

Nagios XI 安全漏洞

Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2026R1, which stems from insufficient validatio...

EUVD-2008-6343

Malware in sbrugna...

EUVD-2019-13333

Malware in sbrugna...

EUVD-2020-6148

Malware in sbrugna...

EUVD-2008-5006

Malware in sbrugna...

EUVD-2013-2168

Malware in sbrugna...

EUVD-2006-2489

Malware in sbrugna...

EUVD-2011-1524

Malware in sbrugna...

CVE-2024-54960

A SQL Injection vulnerability in Nagios XI 2024R1.2.2 allows a remote attacker to execute SQL injection via a crafted payload in the History Tab component...

SUSE CVE-2008-6373

Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors related to CGI programs, "adaptive external commands," and "writing newlines and submitting service comments."...

SUSE CVE-2020-13977

Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been...

UBUNTU-CVE-2022-38254

Nagios XI before v5.8.7 was discovered to contain a cross-site scripting XSS vulnerability via the ajax.php script in CCM 3.1.5...

Nagios Injection Vulnerability

Nagios is a set of open source and free network monitoring tools from the American company Nagios. A security vulnerability exists in Nagios version 4.4.5. The vulnerability can be exploited by an attacker to modify the alert histogram and trending function code via modified archive.json,...

MGASA-2019-0104 Updated nagios packages fix security vulnerability

A flaw was found in Nagios Core version 4.4.1 and earlier. The qhhelp function is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket CVE-2018-13441. A flaw was found in...

nagios: Command injection via curl in MagpieRSS

It was found that an attacker who could control the content of an RSS feed could execute code remotely using the Nagios web interface. This flaw could be used to gain access to the remote system and in some scenarios control over the system...

NRPE 2.15 - Remote Command Execution

NRPE 2.15 - Remote Command Execution ============================================= - Release date: 17.04.2014 - Discovered by: Dawid Golunski - Severity: High ============================================= I. VULNERABILITY ------------------------- NRPE - Nagios Remote Plugin Executor = 2.15 Remot...

Ubuntu Update for nagios vulnerability USN-698-1

Ubuntu Update for Linux kernel vulnerabilities USN-698-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6981.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for nagios vulnerability USN-698-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

CVE-2008-6373

Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors related to CGI programs, "adaptive external commands," and "writing newlines and submitting service comments."...

Xxe

Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors related to CGI programs, "adaptive external commands," and "writing newlines and submitting service comments."...