Lucene search
K

124 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 4:2 a.m.5 views

CVE-2013-7256

Cross-site request forgery CSRF vulnerability in Opsview before 4.4.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

6.8CVSS7.5AI score0.0057EPSS
Exploits0References1
NVD
NVD
added 2025/01/09 10:15 p.m.12 views

CVE-2023-28354

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call checknrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NR...

9.8CVSS0.0116EPSS
Exploits0References1
CVE
CVE
added 2025/01/09 12:0 a.m.54 views

CVE-2023-28354

An issue in Opsview Monitor Agent 6.8 allows an unauthenticated remote attacker to call NRPE via check_nrpe and escape NRPE plugin execution by sending command control characters, enabling remote execution of commands on the target as NT_AUTHORITY\SYSTEM. This is documented in multiple sources (N...

9.8CVSS8.1AI score0.0116EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/09 12:0 a.m.4 views

CVE-2023-28354

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call checknrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NR...

7.8AI score0.0116EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/09 12:0 a.m.2 views

Opsview Monitor Agent 安全漏洞

Opsview Monitor Agent is a monitoring platform agent program from Opsview. A security vulnerability exists in Opsview Monitor Agent version 0.3.9.700 2022-09-28 and earlier, which stems from the ability of an unauthenticated remote attacker to invoke the checknrpe specified plug-in, which allows...

9.8CVSS7.4AI score0.0116EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/09 12:0 a.m.256 views

CVE-2023-28354

An issue was discovered in Opsview Monitor Agent 6.8. An unauthenticated remote attacker can call checknrpe against affected targets, specifying known NRPE plugins, which in default installations are configured to accept command control characters and pass them to command-line interpreters for NR...

0.0116EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/09 12:0 a.m.6 views

PT-2025-1386 · Opsview · Opsview Monitor Agent

Name of the Vulnerable Software and Affected Versions: Opsview Monitor Agent version 6.8 Description: A problem was discovered in Opsview Monitor Agent where an unauthenticated remote attacker can call check nrpe against affected targets, specifying known NRPE plugins. In default installations,...

9.8CVSS8AI score0.0116EPSS
Exploits0References4
NVD
NVD
added 2020/01/02 3:15 p.m.16 views

CVE-2013-3935

Cross-site request forgery CSRF vulnerability in Opsview before 4.4.1 and Opsview Core before 20130522 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via unspecified vectors...

8.8CVSS9AI score0.00542EPSS
Exploits0References2
NVD
NVD
added 2020/01/02 3:15 p.m.14 views

CVE-2013-3936

Multiple cross-site scripting XSS vulnerabilities in Opsview before 4.4.1 and Opsview Core before 20130522 allow remote attackers to inject arbitrary web script or HTML...

6.1CVSS6.2AI score0.00772EPSS
Exploits0References2
Prion
Prion
added 2020/01/02 3:15 p.m.11 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Opsview before 4.4.1 and Opsview Core before 20130522 allow remote attackers to inject arbitrary web script or HTML...

4.3CVSS6.2AI score0.00772EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2020/01/02 3:15 p.m.12 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in Opsview before 4.4.1 and Opsview Core before 20130522 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via unspecified vectors...

6.8CVSS7.8AI score0.00542EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2020/01/02 2:31 p.m.20 views

CVE-2013-3935

Cross-site request forgery CSRF vulnerability in Opsview before 4.4.1 and Opsview Core before 20130522 allows remote attackers to hijack the authentication of administrators for requests that change the administrator password via unspecified vectors...

9AI score0.00542EPSS
Exploits0References2
CVE
CVE
added 2020/01/02 2:31 p.m.84 views

CVE-2013-3935

CVE-2013-3935 affects Opsview before 4.4.1 and Opsview Core before 20130522. It is a CSRF vulnerability that could allow remote attackers to hijack administrator authentication to change the admin password via unspecified vectors. The sources do not detail exploit vectors or willing remediation i...

8.8CVSS8.8AI score0.00542EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2020/01/02 2:31 p.m.16 views

CVE-2013-3936

Multiple cross-site scripting XSS vulnerabilities in Opsview before 4.4.1 and Opsview Core before 20130522 allow remote attackers to inject arbitrary web script or HTML...

6.2AI score0.00772EPSS
Exploits0References2
CVE
CVE
added 2020/01/02 2:31 p.m.84 views

CVE-2013-3936

CVE-2013-3936 involves multiple cross-site scripting (XSS) vulnerabilities in Opsview prior to 4.4.1 and Opsview Core prior to 20130522, allowing remote attackers to inject arbitrary web script or HTML via the vulnerable web UI. The affected products are Opsview/Open-source Opsview Core (pre-4.4....

6.1CVSS6AI score0.00772EPSS
Exploits0References2Affected Software2
0day.today
0day.today
added 2018/09/06 12:0 a.m.132 views

Opsview Monitor 5.x Command Execution Vulnerability

Exploit for multiple platform in category web applications Opsview Monitor Multiple Vulnerabilities 1. Advisory Information Title: Opsview Monitor Multiple Vulnerabilities Advisory ID: CORE-2018-0008 Advisory URL: http://www.coresecurity.com/advisories/opsview-monitor-multiple-vulnerabilities Dat...

0.3AI score0.32692EPSS
Exploits9
NVD
NVD
added 2018/09/05 9:29 p.m.23 views

CVE-2018-16148

The diagnosticsb2ksy parameter of the /rest endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting...

6.1CVSS6.2AI score0.01311EPSS
Exploits3References4
OSV
OSV
added 2018/09/05 9:29 p.m.7 views

CVE-2018-16148

The diagnosticsb2ksy parameter of the /rest endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting...

6.1CVSS5.8AI score0.01311EPSS
Exploits3References4
NVD
NVD
added 2018/09/05 9:29 p.m.19 views

CVE-2018-16145

The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow attackers to elevate their privileges to root after a system restart, hence obtaining full control of...

9.3CVSS8.1AI score0.02308EPSS
Exploits3References4
OSV
OSV
added 2018/09/05 9:29 p.m.5 views

CVE-2018-16146

The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurable events. The value parameter is not properly sanitized, leading to arbitrary command injection wi...

7.2CVSS5.9AI score0.06197EPSS
Exploits3References3
Rows per page
Query Builder