186 matches found
CVE-2021-33178
The Manage Backgrounds functionality within NagVis versions prior to 1.9.29 is vulnerable to an authenticated path traversal vulnerability. Exploitation of this results in a malicious actor having the ability to arbitrarily delete files on the local system...
CVE-2025-39665
User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...
Linux Distros Unpatched Vulnerability : CVE-2025-39665
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames. CVE-2025-39665 Note...
DEBIAN-CVE-2025-39665
User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...
CVE-2025-39665
User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...
CVE-2025-39665
User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...
UBUNTU-CVE-2025-39665
User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...
CVE-2025-39665
NagVis Checkmk MultisiteAuth vulnerability CVE-2025-39665 affects versions before 1.9.48. An unauthenticated attacker can enumerate Checkmk usernames via user enumeration in the multisite authentication flow. Public references point to NagVis 1.9.48 as the fix. Impact details are limited to usern...
EUVD-2025-200737
User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...
CVE-2025-39665 Livestatus Injection in dynmaps
User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...
CVE-2025-39665
User enumeration in Nagvis' Checkmk MultisiteAuth before version 1.9.48 allows an unauthenticated attacker to enumerate Checkmk usernames...
PT-2025-48802
Name of the Vulnerable Software and Affected Versions Nagvis Checkmk MultisiteAuth versions prior to 1.9.48 Description An unauthenticated attacker can enumerate Checkmk usernames. This issue affects the user enumeration functionality within the software. Recommendations Update to version 1.9.48 ...
NagVis 安全漏洞
NagVis is a program from NagVis open source. Used to visualize your chosen monitoring core data in a user-friendly way. A security vulnerability exists in NagVis versions prior to 1.9.48 that stems from an unauthenticated attacker being able to enumerate usernames...
CVE-2024-14002
Nagios XI versions prior to 2024R1.1.4 contain a local file inclusion LFI vulnerability via its NagVis integration. An authenticated user can supply crafted path values that cause the server to include local files, potentially exposing sensitive information from the underlying host...
CVE-2024-14004
Nagios XI versions prior to 2024R1.2 contain a privilege escalation vulnerability related to NagVis configuration handling nagvis.conf. An authenticated user could manipulate NagVis configuration data or leverage insufficiently validated configuration settings to obtain elevated privileges on the...
EUVD-2024-55052
Nagios XI versions prior to 2024R1.2 contain a privilege escalation vulnerability related to NagVis configuration handling nagvis.conf. An authenticated user could manipulate NagVis configuration data or leverage insufficiently validated configuration settings to obtain elevated privileges on the...
EUVD-2024-55055
Nagios XI versions prior to 2024R1.1.4 contain a local file inclusion LFI vulnerability via its NagVis integration. An authenticated user can supply crafted path values that cause the server to include local files, potentially exposing sensitive information from the underlying host...
CVE-2024-14004
Nagios XI versions prior to 2024R1.2 contain a privilege escalation vulnerability related to NagVis configuration handling nagvis.conf. An authenticated user could manipulate NagVis configuration data or leverage insufficiently validated configuration settings to obtain elevated privileges on the...
CVE-2024-14004
Nagios XI versions prior to 2024R1.2 contain a privilege escalation vulnerability related to NagVis configuration handling nagvis.conf. An authenticated user could manipulate NagVis configuration data or leverage insufficiently validated configuration settings to obtain elevated privileges on the...
CVE-2024-14002
Nagios XI versions prior to 2024R1.1.4 contain a local file inclusion LFI vulnerability via its NagVis integration. An authenticated user can supply crafted path values that cause the server to include local files, potentially exposing sensitive information from the underlying host...