CVE-2019-13455

In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c.

CVE-2019-13273

In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter.

CVE-2019-13486

In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c.

CVE-2019-13484

In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of expansion in appfeed.c.

CVE-2019-13452

In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c.

CVE-2019-13485

In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c.

CVE-2019-13451

In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c.

CVE-2016-2054

Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long filename, involving handling a "config" command.

CVE-2015-1430

Buffer overflow in xymon 4.3.17-1.