CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Netdata web application through 1.13.0 allows remote attackers to inject their own malicious HTML code into an imported snapshot, aka HTML Injection...

6.1CVSS6.2AI score0.07851EPSS

Exploits1References2

GithubExploit•added 2025/08/16 11:18 a.m.•593 views

Exploit for CVE-2024-32019

CVE-2024-32019 — Netdata ndsudo Local Privilege Escalation...

8.8CVSS9.1AI score0.00576EPSS

Exploits15

GithubExploit•added 2025/08/05 7:54 a.m.•375 views

Exploit for CVE-2024-32019

🚨 CVE-2024-32019 - Netdata ndsudo PATH Vulnerability Exploit...

8.8CVSS9AI score0.00576EPSS

Exploits15

Vulnrichment•added 2023/01/14 1:2 a.m.•6 views

CVE-2023-22497 Netdata is vulnerable to improper authentication

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...

6.5CVSS8AI score0.00124EPSS

Exploits1References2

Vulnrichment•added 2023/01/14 12:59 a.m.•7 views

CVE-2023-22496 Netdata vulnerable to command injection

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...

8.1CVSS9.7AI score0.01884EPSS

Exploits1References1

Positive Technologies•added 2023/01/14 12:0 a.m.•2 views

PT-2023-18547 · Netdata +2 · Netdata +2

Name of the Vulnerable Software and Affected Versions: Netdata agent versions prior to 1.37 stable and 1.36.0-409 nightly Description: An issue exists where an attacker can execute arbitrary commands on a targeted Netdata agent by establishing a streaming connection and providing a specially...

9.8CVSS8.8AI score0.01884EPSS

Exploits2References14

OSV•added 2019/06/18 4:15 p.m.•2 views

DEBIAN-CVE-2018-18836

An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of webclientapirequestv1data in web/api/webapiv1.c...

6.5CVSS7.4AI score0.00209EPSS

Exploits1References1

OSV•added 2019/06/18 4:15 p.m.•1 views

DEBIAN-CVE-2018-18837

An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data filename parameter because of webclientapirequestv1data in web/api/webapiv1.c...

6.1CVSS6.7AI score0.00268EPSS

Exploits1References1

UbuntuCve•added 2019/06/18 4:15 p.m.•47 views

CVE-2018-18837

An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data filename parameter because of webclientapirequestv1data in web/api/webapiv1.c...

6.1CVSS6.9AI score0.00268EPSS

Exploits1References6

OSV•added 2019/06/18 4:15 p.m.•0 views

UBUNTU-CVE-2018-18837

An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data filename parameter because of webclientapirequestv1data in web/api/webapiv1.c...

6.1CVSS6.8AI score0.00268EPSS

Exploits1References7

OSV•added 2019/06/18 4:15 p.m.•0 views

UBUNTU-CVE-2018-18838

An issue was discovered in Netdata 1.10.0. Log Injection or Log Forgery exists via a %0a sequence in the url parameter to api/v1/registry...

7.5CVSS7.1AI score0.00169EPSS

Exploits1References6

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by