Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

160 matches found

NVD
NVDadded 2023/01/14 1:15 a.m.13 views

CVE-2023-22496

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...

9.8CVSS9.6AI score0.01884EPSS
Exploits1References1
OSV
OSVadded 2023/01/14 1:15 a.m.0 views

UBUNTU-CVE-2023-22496

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...

9.8CVSS7.4AI score0.01884EPSS
Exploits1References3
Prion
Prionadded 2023/01/14 1:15 a.m.17 views

Design/Logic Flaw

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...

7.5CVSS10AI score0.01884EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCveadded 2023/01/14 1:15 a.m.287 views

CVE-2023-22496

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...

9.8CVSS7.2AI score0.01884EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2023/01/14 1:2 a.m.6 views

CVE-2023-22497 Netdata is vulnerable to improper authentication

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...

6.5CVSS8AI score0.00116EPSS
Exploits1References2
Cvelist
Cvelistadded 2023/01/14 1:2 a.m.13 views

CVE-2023-22497 Netdata is vulnerable to improper authentication

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...

6.5CVSS9.4AI score0.00116EPSS
Exploits1References2
Debian CVE
Debian CVEadded 2023/01/14 1:2 a.m.21 views

CVE-2023-22497

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...

9.1CVSS7.6AI score0.00116EPSS
Exploits1
CVE
CVEadded 2023/01/14 1:2 a.m.100 views

CVE-2023-22497

Netdata CVE-2023-22497 concerns a streaming configuration flaw where a valid MACHINE_GUID could be used as an API key in stream.conf, allowing non-trusted users to access parent/child Netdata Agents. Affects Netdata agents that expose streaming functionality; attacker could leverage this to acces...

9.1CVSS7.7AI score0.00116EPSS
Exploits1References2Affected Software1
AlpineLinux
AlpineLinuxadded 2023/01/14 1:2 a.m.24 views

CVE-2023-22497

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...

9.1CVSS8.9AI score0.00116EPSS
Exploits1References2
OSV
OSVadded 2023/01/14 1:2 a.m.19 views

CVE-2023-22497 Netdata is vulnerable to improper authentication

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. Each Netdata Agent has an automatically generated MACHINE GUID. It is generated when the agent first starts and it is saved to disk, so that it will persist across restarts and reboots. Anyone who has...

6.5CVSS7.6AI score0.00116EPSS
Exploits1References4
OSV
OSVadded 2023/01/14 12:59 a.m.14 views

CVE-2023-22496 Netdata vulnerable to command injection

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...

8.1CVSS9.2AI score0.01884EPSS
Exploits1References3
AlpineLinux
AlpineLinuxadded 2023/01/14 12:59 a.m.35 views

CVE-2023-22496

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...

9.8CVSS9.8AI score0.01884EPSS
Exploits1References1
Vulnrichment
Vulnrichmentadded 2023/01/14 12:59 a.m.7 views

CVE-2023-22496 Netdata vulnerable to command injection

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...

8.1CVSS9.7AI score0.01884EPSS
Exploits1References1
CVE
CVEadded 2023/01/14 12:59 a.m.138 views

CVE-2023-22496

CVE-2023-22496 affects Netdata. An attacker able to establish a streaming connection can manipulate a health alert’s non-sanitized argument (registry_hostname) to cause the Netdata agent to execute arbitrary commands on the remote host as the netdata user. This is triggered during health_alarm_ex...

9.8CVSS9.5AI score0.01884EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2023/01/14 12:59 a.m.14 views

CVE-2023-22496 Netdata vulnerable to command injection

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...

8.1CVSS10AI score0.01884EPSS
Exploits1References1
Debian CVE
Debian CVEadded 2023/01/14 12:59 a.m.25 views

CVE-2023-22496

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...

9.8CVSS10AI score0.01884EPSS
Exploits1
Positive Technologies
Positive Technologiesadded 2023/01/14 12:0 a.m.2 views

PT-2023-18547 · Netdata +2 · Netdata +2

Name of the Vulnerable Software and Affected Versions: Netdata agent versions prior to 1.37 stable and 1.36.0-409 nightly Description: An issue exists where an attacker can execute arbitrary commands on a targeted Netdata agent by establishing a streaming connection and providing a specially...

9.8CVSS8.8AI score0.01884EPSS
Exploits2References14
CNNVD
CNNVDadded 2023/01/14 12:0 a.m.3 views

Netdata 命令注入漏洞

Netdata is a high-fidelity infrastructure monitoring and troubleshooting application open-sourced by Netdata. Netdata is vulnerable to a command injection vulnerability that stems from the fact that an attacker who is able to establish a streaming connection can execute arbitrary commands on the...

9.8CVSS9.2AI score0.01884EPSS
Exploits1References2
CNNVD
CNNVDadded 2023/01/14 12:0 a.m.2 views

Netdata 授权问题漏洞

Netdata is a high-fidelity infrastructure monitoring and troubleshooting application open-sourced by Netdata.Netdata suffers from an authorization issue vulnerability that stems from the fact that anyone with access to the Netdata agent can access its MACHINEGUID.No details of the vulnerability a...

9.1CVSS7.5AI score0.00116EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2023/01/14 12:0 a.m.3 views

PT-2023-18548 · Netdata +4 · Netdata +4

Name of the Vulnerable Software and Affected Versions: Netdata agent versions prior to 1.37 Netdata agent versions prior to 1.36.0-409 nightly Description: The issue affects Netdata Agents that expose their services to non-trusted users, particularly when the streaming feature is enabled, allowin...

9.8CVSS7AI score0.01884EPSS
Exploits9References35
Rows per page
Query Builder