UBUNTU-CVE-2026-40179

Prometheus is an open-source monitoring system and time series database. Versions 3.0 through 3.5.1 and 3.6.0 through 3.11.1 have stored cross-site scripting vulnerabilities in multiple components of the Prometheus web UI where metric names and label values are injected into innerHTML without...

Grafana 安全漏洞

Grafana is a set of open-source monitoring tools developed by Grafana Open Source, which provide a visual monitoring interface. This tool is primarily used for monitoring and analyzing systems such as Graphite, InfluxDB, and Prometheus. Grafana has a security vulnerability that stems from SQL...

Zabbix 安全漏洞

Zabbix is an open-source monitoring system developed by Zabbix Inc. This system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. Zabbix has security vulnerabilities, which stem from improper reuse of JavaScript environments. These vulnerabilities may...

Grafana security vulnerabilities

Grafana is a set of open-source monitoring tools developed by Grafana Open Source, which provide a visual monitoring interface. This tool is primarily used for monitoring and analyzing Graphite, InfluxDB, and Prometheus. Grafana has a security vulnerability that arises from processing /avatar/:ha...

CVE-2025-61909

Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...

Centreon 安全漏洞

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon has a security vulnerability that can be exploited by attackers to execute arbitrary Web scrip...

EUVD-2021-19519

Malware in sbrugna...

EUVD-2022-29612

Malicious code in bioql PyPI...

EUVD-2025-8229

Malicious code in bioql PyPI...

EUVD-2024-1233

Malicious code in bioql PyPI...

EUVD-2024-1372

Malicious code in bioql PyPI...

EUVD-2024-39570

Malicious code in bioql PyPI...

Centreon has an unspecified vulnerability (CNVD-2025-24800)

Centreon is a set of open source system monitoring tools from France's Centreon. The product mainly provides monitoring functions for resources such as network, system and application programs. Centreon suffers from a security vulnerability that is exploited by attackers to cause elevation of...

CVE-2023-33187

Highlight is an open source, full-stack monitoring platform. Highlight may record passwords on customer deployments when a password html input is switched to type="text" via a javascript "Show Password" button. This differs from the expected behavior which always obfuscates type="password" inputs...

Zabbix 安全漏洞

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. Zabbix suffers from a security vulnerability that stems from uncontrolled resource exhaustion, which could lead to a service crash...

Zabbix 跨站脚本漏洞

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. A cross-site scripting vulnerability exists in Zabbix that originates in cross-site scripting and could result in a JavaScript payload...

CVE-2025-30164

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 vulnerability allows an attacker to craft a URL that, once visited by an authenticated user or one that is able to authenticate, allows to...

CVE-2025-27404 Icinga Web 2 DOM-based XSS vulnerability

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 allows an attacker to craft a URL that, once visited by any user, allows to embed arbitrary Javascript into Icinga Web and to act on behalf of tha...

CVE-2022-39337

Hertzbeat is an open source, real-time monitoring system with custom-monitoring, high performance cluster, prometheus-like and agentless. Hertzbeat versions 1.20 and prior have a permission bypass vulnerability. System authentication can be bypassed and invoke interfaces without authorization...

Zabbix 安全漏洞

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring, and application monitoring. A security vulnerability exists in Zabbix that stems from the fact that when exporting media types, passwords will be exported in plain...