Important: Red Hat Security Advisory: net-snmp security update

An update for net-snmp is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring...

CVE-2025-13373 Advantech iView SQL Injection

Advantech iView versions 5.7.05.7057 and prior do not properly sanitize SNMP v1 trap Port 162 requests, which could allow an attacker to inject SQL commands...

CVE-2025-54892

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring SNMP traps group configuration modules allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from...

CVE-2025-54889

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring SNMP traps manufacturer configuration modules allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13...

CVE-2025-54892 A user with elevated privileges can inject XSS in the SNMP traps group configuration page

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring SNMP traps group configuration modules allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13, from...

CVE-2025-54892

Centreon CVE-2025-54892 is a stored XSS in the Centreon Infra Monitoring SNMP traps group configuration module. The issue arises from improper input neutralization during web page generation, allowing a user with elevated privileges to inject scripts. Affected versions include 24.10.0–24.10.12, 2...

CVE-2025-54889 A user with elevated privileges can inject XSS in the SNMP traps manufacturer configuration page

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring SNMP traps manufacturer configuration modules allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13...

CVE-2025-54889

Centreon Infra Monitoring is affected by CVE-2025-54889, a Stored XSS flaw in the SNMP traps manufacturer configuration pages. Affected versions are 24.10.0–24.10.12, 24.04.0–24.04.17, and 23.10.0–23.10.27. The issue stems from improper input neutralization during web page generation, allowing us...

EUVD-2025-34220

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Centreon Infra Monitoring SNMP traps manufacturer configuration modules allows Stored XSS by users with elevated privileges. This issue affects Infra Monitoring: from 24.10.0 before 24.10.13...

PT-2025-41933

Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring versions 24.10.0 through 24.10.12 Centreon Infra Monitoring versions 24.04.0 through 24.04.17 Centreon Infra Monitoring versions 23.10.0 through 23.10.27 Description The software contains an Improper Neutralization of...

EUVD-2013-1269

Malware in sbrugna...

CVE-2013-1229

TMSSNMPService.exe in TelePresence Manager in Cisco TelePresence Management Suite TMS on 64-bit platforms allows remote attackers to cause a denial of service process crash via SNMP traps, aka Bug ID CSCue00028...

SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path Vulnerability

Exploit Title: SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Contact: email protected Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage: https://www.kiwisyslog.com/ Softwar...

SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path

Exploit Title: SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path Date: 2024-07-31 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...

SolarWinds Kiwi Syslog Server 9.6.7.1 Unquoted Service Path

Exploit Title: SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path Date: 2024-07-31 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...

Update Rollup 7 for System Center 2016 Operations Manager

Update Rollup 7 for System Center 2016 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 7 for Microsoft System Center 2016 Operations Manager. This article also contains the installation instructions for this update. Improvements and issues that ar...

Centreon 19.10.5 - (centreontrapd) Remote Command Execution Exploit

Exploit for php platform in category web applications Exploit Title: Centreon 19.10.5 - 'centreontrapd' Remote Command Execution Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentO...

Centreon 19.10.5 Remote Command Execution

Exploit Title: Centreon 19.10.5 - 'centreontrapd' Remote Command Execution Date: 2020-01-29 Exploit Author: Fabien AUNAY, Omri Baso Vendor Homepage: https://www.centreon.com/ Software Link: https://github.com/centreon/centreon Version: 19.10.5 Tested on: CentOS 7 CVE : - Centreon 19.10.5 Remote...

SolarWinds Kiwi Syslog Server 8.3.52 - Kiwi Syslog Server Unquoted Service Path

SolarWinds Kiwi Syslog Server 8.3.52 - Kiwi Syslog Server Unquoted Service Path Exploit Title: SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path Date: 2019-11-08 Exploit Author: Carlos A Garcia R Vendor Homepage: https://www.kiwisyslog.com/ Software Link:...

SolarWinds Kiwi Syslog Server 8.3.52 - (Kiwi Syslog Server) Unquoted Service Path Vulnerability

Exploit Title: SolarWinds Kiwi Syslog Server 8.3.52 - 'Kiwi Syslog Server' Unquoted Service Path Exploit Author: Carlos A Garcia R Vendor Homepage: https://www.kiwisyslog.com/ Software Link: https://www.kiwisyslog.com/downloads Version: 8.3.52 Tested on: Windows XP Professional Service Pack 3...