CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call checknrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NR...

7.8AI score0.19181EPSS

Exploits0References1

OSV•added 2024/06/15 12:0 a.m.•10 views

OPENSUSE-SU-2024:11099-1 monitoring-plugins-nrpe-4.0.3-3.5 on GA media

These are all security issues fixed in the monitoring-plugins-nrpe-4.0.3-3.5 package on the GA media of openSUSE Tumbleweed...

7.5CVSS6.1AI score0.1857EPSS

Exploits6References1

OpenVAS•added 2024/05/07 12:0 a.m.•17 views

SUSE: Security Advisory (SUSE-SU-2024:1417-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.1857EPSS

Exploits6References5

Tenable Nessus•added 2024/04/25 12:0 a.m.•34 views

SUSE SLES12 Security Update : nrpe (SUSE-SU-2024:1417-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1417-1 advisory. - Incomplete blacklist vulnerability in nrpe.c in Nagios Remote Plugin Executor NRPE 2.15 and earlier allows remote attackers to execute...

7.5CVSS6.1AI score0.1857EPSS

Exploits6References5

OSV•added 2024/04/24 8:34 a.m.•4 views

SUSE-SU-2024:1417-1 Security update for nrpe

This update for nrpe fixes the following issues: CVE-2014-2913: Fixed remote command execution when command arguments are enabled bsc1118590,bsc874743...

7.5CVSS7.1AI score0.1857EPSS

Exploits6References4

OpenVAS•added 2023/03/28 12:0 a.m.•16 views

SUSE: Security Advisory (SUSE-SU-2023:0586-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS9.1AI score0.92346EPSS

Exploits0References5

Tenable Nessus•added 2023/03/02 12:0 a.m.•44 views

SUSE SLES12 Security Update : nrpe (SUSE-SU-2023:0586-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0586-1 advisory. - The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a...

4.3CVSS7.3AI score0.92346EPSS

Exploits0References5

OSV•added 2023/03/01 12:43 p.m.•7 views

SUSE-SU-2023:0586-1 Security update for nrpe

This update for nrpe fixes the following issues: - CVE-2015-4000: Fixed Logjam Attack by increasing the standard size of 512 bit dh parameters to 2048 bsc931600, bsc938906...

4.3CVSS6.2AI score0.92346EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 4:2 a.m.•2 views

SUSE CVE-2020-6582

Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call...

7.5CVSS7AI score0.01636EPSS

Exploits1References3

OpenVAS•added 2022/01/28 12:0 a.m.•21 views

Mageia: Security Advisory (MGASA-2014-0217)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.1857EPSS

Exploits6References4

OpenVAS•added 2022/01/28 12:0 a.m.•15 views

Mageia: Security Advisory (MGASA-2020-0247)

7.5CVSS7.4AI score0.01636EPSS

Exploits2References6

OpenVAS•added 2021/06/09 12:0 a.m.•19 views

SUSE: Security Advisory (SUSE-SU-2013:1219-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.76437EPSS

Exploits9References2

OpenVAS•added 2021/06/09 12:0 a.m.•28 views

SUSE: Security Advisory (SUSE-SU-2018:1768-1)

4.3CVSS9.1AI score0.92346EPSS

Exploits0References4

Veracode•added 2020/12/11 4:53 p.m.•27 views

Command Injection

Nagios NRPE is vulnerable to command injection. It has Insufficient Filtering because, for example, nastymetachars interprets \n as the character \ and the character n not as the \n newline sequence...

7.3CVSS2.8AI score0.00228EPSS

Exploits1References8Affected Software1

Veracode•added 2020/12/11 4:53 p.m.•23 views

Buffer Overflow

Nagios NRPE is vulnerable to a Heap-Based Buffer Overflow. It is as demonstrated by interpretation of a small negative number as a large positive number during a bzero call...

7.5CVSS4.1AI score0.01636EPSS

Exploits1References8Affected Software1

Mageia•added 2020/06/10 10:26 p.m.•32 views

Updated nrpe packages fix security vulnerability

Updated nrpe packages fix security vulnerabilities: Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nastymetachars interprets \n as the character \ and the character n not as the \n newline sequence. This can cause command injection CVE-2020-6581. Nagios NRPE 3.2.1 has a...

7.5CVSS3AI score0.01636EPSS

Exploits2References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by