160 matches found
Exploit for CVE-2024-32019
Privilege Escalation via ndsudo Netdata Local Exploit Thi...
Linux Distros Unpatched Vulnerability : CVE-2023-22496
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection c...
Linux Distros Unpatched Vulnerability : CVE-2023-22497
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It...
USN-7250-1: Netdata vulnerabilities
It was discovered that Netdata incorrectly handled parsing JSON input, which could lead to a JSON injection. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 18.04 LTS. CVE-2018-18836 It was discovered that Netdata incorrectly handled parsing HT...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.10 : Netdata vulnerabilities (USN-7250-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7250-1 advisory. It was discovered that Netdata incorrectly handled parsing JSON input, which could lead to a JSON injection. An attacker...
OPENSUSE-SU-2024:11083-1 netdata-1.31.0-1.3 on GA media
These are all security issues fixed in the netdata-1.31.0-1.3 package on the GA media of openSUSE Tumbleweed...
CVE-2024-34250
A heap buffer overflow vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause at least a denial of service via the "wasmloadercheckbr" function in core/iwasm/interpreter/wasmloader.c...
SUSE CVE-2024-32019
Netdata is an open source observability tool. In affected versions the ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The ndsudo tool is packaged as a root-owned executable with the SUID bit set. It only runs a...
CVE-2024-32019
Netdata is an open source observability tool. In affected versions the ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The ndsudo tool is packaged as a root-owned executable with the SUID bit set. It only runs a...
CVE-2024-32019
Netdata is an open source observability tool. In affected versions the ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The ndsudo tool is packaged as a root-owned executable with the SUID bit set. It only runs a...
UBUNTU-CVE-2024-32019
Netdata is an open source observability tool. In affected versions the ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The ndsudo tool is packaged as a root-owned executable with the SUID bit set. It only runs a...
CVE-2024-32019 ndsudo: local privilege escalation via untrusted search path
Netdata is an open source observability tool. In affected versions the ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The ndsudo tool is packaged as a root-owned executable with the SUID bit set. It only runs a...
CVE-2024-32019 ndsudo: local privilege escalation via untrusted search path
Netdata is an open source observability tool. In affected versions the ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The ndsudo tool is packaged as a root-owned executable with the SUID bit set. It only runs a...
CVE-2024-32019
Netdata is an open source observability tool. In affected versions the ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The ndsudo tool is packaged as a root-owned executable with the SUID bit set. It only runs a...
CVE-2024-32019 ndsudo: local privilege escalation via untrusted search path
Netdata is an open source observability tool. In affected versions the ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The ndsudo tool is packaged as a root-owned executable with the SUID bit set. It only runs a...
CVE-2024-32019
Netdata CVE-2024-32019 is a local privilege escalation in the ndsudo binary (setuid root) due to an untrusted PATH resolution. Vulnerable in Netdata Agent versions prior to 1.45.3 (e.g., 1.45.0 and earlier); patched in 1.45.3 and 1.45.0-169. Exploitation relies on hijacking allowed commands via P...
CVE-2024-32019
Netdata is an open source observability tool. In affected versions the ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The ndsudo tool is packaged as a root-owned executable with the SUID bit set. It only runs a...
PT-2024-24358
Name of the Vulnerable Software and Affected Versions Netdata versions prior to 1.45.3 Netdata versions prior to 1.45.2-169 Description Netdata is an open source observability tool. The ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs wi...
Netdata 安全漏洞
Netdata is a high-fidelity infrastructure monitoring and troubleshooting application from the Netdata open source. A security vulnerability exists in Netdata. An attacker could exploit the vulnerability to run arbitrary programs with root privileges...
CVE-2024-23722
In Fluent Bit 2.1.8 through 2.2.1, a NULL pointer dereference can be caused via an invalid HTTP payload with the content type of x-www-form-urlencoded. It crashes and does not restart. This could result in logs not being delivered properly...