160 matches found
OESA-2024-1050 netdata security update
netdata is the fastest way to visualize metrics. It is a resource efficient, highly optimized system for collecting and visualizing any type of realtime time-series data, from CPU usage, disk activity, SQL queries, API calls, web site visitors, etc. netdata tries to visualize the truth of now, in...
OESA-2024-1052 netdata security update
netdata is the fastest way to visualize metrics. It is a resource efficient, highly optimized system for collecting and visualizing any type of realtime time-series data, from CPU usage, disk activity, SQL queries, API calls, web site visitors, etc. netdata tries to visualize the truth of now, in...
OESA-2024-1051 netdata security update
netdata is the fastest way to visualize metrics. It is a resource efficient, highly optimized system for collecting and visualizing any type of realtime time-series data, from CPU usage, disk activity, SQL queries, API calls, web site visitors, etc. netdata tries to visualize the truth of now, in...
Information Disclosure
netdata is vulnerable to Information Disclosure. Netdata Agents have an automatically generated MACHINE GUID that is saved to disk and can persist across restarts and reboots. Streaming is a feature that allows a Netdata Agent to act as parent for other Netdata Agents children, offloading childre...
Remote Code Execution (RCE)
netdata is vulnerable to Remote Code Execution RCE. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent when an alert is triggered. This can be done by providing a specially crafted registryhostname as part of the health da...
SUSE CVE-2018-18836
An issue was discovered in Netdata 1.10.0. JSON injection exists via the api/v1/data tqx parameter because of webclientapirequestv1data in web/api/webapiv1.c...
SUSE CVE-2018-18838
An issue was discovered in Netdata 1.10.0. Log Injection or Log Forgery exists via a %0a sequence in the url parameter to api/v1/registry...
SUSE CVE-2018-18837
An issue was discovered in Netdata 1.10.0. HTTP Header Injection exists via the api/v1/data filename parameter because of webclientapirequestv1data in web/api/webapiv1.c...
SUSE CVE-2018-18839
An issue was discovered in Netdata 1.10.0. Full Path Disclosure FPD exists via api/v1/alarms. NOTE: the vendor says "is intentional...
SUSE CVE-2019-9834
The Netdata web application through 1.13.0 allows remote attackers to inject their own malicious HTML code into an imported snapshot, aka HTML Injection. Successful exploitation will allow attacker-supplied HTML to run in the context of the affected browser, potentially allowing the attacker to...
SUSE CVE-2023-22497
Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...
SUSE CVE-2023-22496
Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...
Netdata Licensing Issue Vulnerability
Netdata is a high-fidelity infrastructure monitoring and troubleshooting application open-sourced by Netdata.Netdata suffers from an authorization issue vulnerability that stems from the fact that anyone with access to the Netdata agent can access its MACHINEGUID.No details of the vulnerability a...
Netdata Command Injection Vulnerability
Netdata is a high-fidelity infrastructure monitoring and troubleshooting application open-sourced by Netdata. Netdata is vulnerable to a command injection vulnerability that stems from the fact that an attacker who is able to establish a streaming connection can execute arbitrary commands on the...
CVE-2023-22497
Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...
DEBIAN-CVE-2023-22497
Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...
UBUNTU-CVE-2023-22497
Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...
CVE-2023-22497
Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...
Design/Logic Flaw
Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...
DEBIAN-CVE-2023-22496
Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...