The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2019-15949 | Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.php?cmd=download), is executed as root via a passwordless sudo entry; the script executes check_plugin, which is owned by the nagios user. A user logged into Nagios XI with permissions to modify plugins, or the nagios user on the server, can modify the check_plugin executable and insert malicious commands to execute as root. | HIGH | Sep 6, 2019 |
| CVE-2018-17147 | Nagios XI before 5.5.4 has XSS in the auto login admin management page. | LOW | Jul 11, 2019 |
| CVE-2021-3277 | Nagios XI 5.7.5 and earlier allows authenticated admins to upload arbitrary files due to improper validation of the rename functionality in custom-includes component, which leads to remote code execution by uploading php files. | MEDIUM | Jun 7, 2021 |
| CVE-2020-24899 | Nagios XI 5.7.2 is affected by a remote code execution (RCE) vulnerability. An authenticated user can inject additional commands into normal webapp query. | MEDIUM | Feb 16, 2021 |
| CVE-2020-10819 | Nagios XI 5.6.11 allows XSS via the includes/components/ldap_ad_integration/ username parameter. | LOW | Mar 23, 2020 |
| CVE-2020-10820 | Nagios XI 5.6.11 allows XSS via the includes/components/ldap_ad_integration/ password parameter. | LOW | Mar 23, 2020 |
| CVE-2020-10821 | Nagios XI 5.6.11 allows XSS via the account/main.php theme parameter. | LOW | Mar 23, 2020 |
| CVE-2019-12279 | Nagios XI 5.6.1 allows SQL injection via the username parameter to login.php?forgotpass (aka the reset password form). NOTE: The vendor disputes this issues as not being a vulnerability because the issue does not seem to be a legitimate SQL Injection. The POC does not show any valid injection that can be done with the variable provided, and while the username value being passed does get used in a SQL query, it is passed through SQL escaping functions when creating the call. The vendor tried re-creating the issue with no luck | High | May 24, 2019 |
| CVE-2018-15711 | Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of more privileged users. The attacker can then use the new API key to execute API calls at elevated privileges. | MEDIUM | Nov 14, 2018 |
| CVE-2018-15709 | Nagios XI 5.5.6 allows remote authenticated attackers to execute arbitrary commands via a crafted HTTP request. | MEDIUM | Nov 14, 2018 |
| CVE-2018-15714 | Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via the oname and oname2 parameters. | MEDIUM | Nov 14, 2018 |
| CVE-2018-15712 | Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via the host parameter in api_tool.php. | MEDIUM | Nov 14, 2018 |
| CVE-2018-15713 | Nagios XI 5.5.6 allows persistent cross site scripting from remote authenticated attackers via the stored email address in admin/users.php. | LOW | Nov 14, 2018 |
| CVE-2018-15710 | Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via Autodiscover_new.php. | HIGH | Nov 14, 2018 |
| CVE-2020-6581 | Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \\n as the character \\ and the character n (not as the \\n newline sequence). This can cause command injection. | MEDIUM | Mar 19, 2020 |
| CVE-2020-6582 | Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call. | MEDIUM | Mar 19, 2020 |
| CVE-2021-35479 | Nagios Log Server before 2.1.9 contains Stored XSS in the custom column view for the alert history and audit log function through the affected pp parameter. This affects users who open a crafted link or third-party web page. | LOW | Jul 30, 2021 |
| CVE-2021-35478 | Nagios Log Server before 2.1.9 contains Reflected XSS in the dropdown box for the alert history and audit log function. All parameters used for filtering are affected. This affects users who open a crafted link or third-party web page. | LOW | Jul 30, 2021 |
| CVE-2019-15898 | Nagios Log Server before 2.0.8 allows Reflected XSS via the username on the Login page. | MEDIUM | Sep 4, 2019 |
| CVE-2020-25385 | Nagios Log Server 2.1.7 contains a cross-site scripting (XSS) vulnerability in /nagioslogserver/configure/create_snapshot through the snapshot_name parameter, which may impact users who open a maliciously crafted link or third-party web page. | MEDIUM | Jan 22, 2021 |
| CVE-2020-6584 | Nagios Log Server 2.1.3 has Incorrect Access Control. | MEDIUM | Mar 19, 2020 |
| CVE-2020-6585 | Nagios Log Server 2.1.3 has CSRF. | MEDIUM | Mar 19, 2020 |
| CVE-2020-6586 | Nagios Log Server 2.1.3 allows XSS by visiting /profile and entering a crafted name field that is mishandled on the /admin/users page. Any malicious user with limited access can store an XSS payload in his Name. When any admin views this, the XSS is triggered. | LOW | Mar 18, 2020 |
| CVE-2019-9202 | Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated users to execute arbitrary code via API key issues. | MEDIUM | Mar 28, 2019 |
| CVE-2019-9202 | Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated users to execute arbitrary code via API key issues. | MEDIUM | Apr 15, 2019 |
| CVE-2018-12501 | Nagios Fusion before 4.1.4 has XSS, aka TPS#13332-13335. | MEDIUM | Jun 16, 2018 |
| CVE-2021-37223 | Nagios Enterprises NagiosXI <= 5.8.4 contains a Server-Side Request Forgery (SSRF) vulnerability in schedulereport.php. Any authenticated user can create scheduled reports containing PDF screenshots of any view in the NagiosXI application. Due to lack of input sanitisation, the target page can be replaced with an SSRF payload to access internal resources or disclose local system files. | MEDIUM | Oct 5, 2021 |
| CVE-2017-14312 | Nagios Core through 4.3.4 initially executes /usr/sbin/nagios as root but supports configuration options in which this file is owned by a non-root account (and similarly can have nagios.cfg owned by a non-root account), which allows local users to gain privileges by leveraging access to this non-root account. | HIGH | Sep 11, 2017 |
| CVE-2017-12847 | Nagios Core before 4.3.3 creates a nagios.lock PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for nagios.lock modification before a root script executes a kill `cat /pathname/nagios.lock` command. | MEDIUM | Aug 23, 2017 |
| CVE-2020-35269 | Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross-Site Request Forgery (CSRF) in many functions, like adding – deleting for hosts or servers. | MEDIUM | Dec 23, 2020 |
| CVE-2018-18245 | Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE. | LOW | Dec 17, 2018 |
| CVE-2020-13977 | Nagios 4.4.5 allows an attacker, who already has administrative access to change the URL for JSON CGIs configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been mistakenly associated with CVE-2020-1408. | MEDIUM | Jun 12, 2020 |
| CVE-2016-10089 | Nagios 4.2.4 and earlier allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641. | HIGH | Feb 17, 2017 |
| CVE-2023-48134 | nagayama_copabowl Line 13.6.1 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. | -- | Nov 16, 2023 |
| CVE-2021-29441 | Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, when configured to use authentication (-Dnacos.core.auth.enabled=true) Nacos uses the AuthFilter servlet filter to enforce authentication. This filter has a backdoor that enables Nacos servers to bypass this filter and therefore skip authentication checks. This mechanism relies on the user-agent HTTP header so it can be easily spoofed. This issue may allow any user to carry out any administrative tasks on the Nacos server. | HIGH | Apr 28, 2021 |
| CVE-2021-29442 | Nacos is a platform designed for dynamic service discovery and configuration and service management. In Nacos before version 1.4.1, the ConfigOpsController lets the user perform management operations like querying the database or even wiping it out. While the /data/remove endpoint is properly protected with the @Secured annotation, the /derby endpoint is not protected and can be openly accessed by unauthenticated users. These endpoints are only valid when using embedded storage (derby DB) so this issue should not affect those installations using external storage (e.g. mysql) | MEDIUM | Apr 28, 2021 |
| CVE-2020-19676 | Nacos 1.1.4 is affected by: Incorrect Access Control. An environment can be set up locally to get the service details interface. Then other Nacos service names can be accessed through the service list interface. Service details can then be accessed when not logged in. (detail:https://github.com/alibaba/nacos/issues/2284) | MEDIUM | Oct 9, 2020 |
| CVE-2015-0565 | NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible. | HIGH | Feb 25, 2020 |
| CVE-2019-5918 | Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors. | HIGH | Mar 22, 2019 |
| CVE-2023-39807 | N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a SQL injection vulnerability via the a_passwd parameter at /portal/user-register.php. | -- | Aug 21, 2023 |
| CVE-2023-39808 | N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service. | -- | Aug 21, 2023 |
| CVE-2023-39809 | N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a command injection vulnerability via the system_hostname parameter at /manage/network-basic.php. | -- | Aug 21, 2023 |
| CVE-2012-4716 | N-Tron 702-W Industrial Wireless Access Point devices use the same (1) SSH and (2) HTTPS private keys across different customers' installations, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of a key. | HIGH | Jun 13, 2015 |
| CVE-2024-4301 | N-Reporter and N-Cloud, products of the N-Partner, have an OS Command Injection vulnerability. Remote attackers with normal user privilege can execute arbitrary system commands by manipulating user inputs on a specific page. | -- | Apr 29, 2024 |
| CVE-2022-43343 | N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken() at Main.c. | -- | Nov 8, 2022 |
| CVE-2022-22950 | n Spring Framework versions 5.3.0 - 5.3.16 and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial of service condition. | MEDIUM | Apr 2, 2022 |
| CVE-2019-2222 | n ihevcd_parse_slice_data of ihevcd_parse_slice.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-140322595 | MEDIUM | Dec 9, 2019 |
| CVE-2018-11806 | m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. | HIGH | Jun 13, 2018 |
| CVE-2019-1010300 | mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Overflow. The impact is: Software crash. The component is: server_example_complex_array. The attack vector is: Send a specific MMS protocol packet. | MEDIUM | Jul 22, 2019 |
| CVE-2022-2973 | MZ Automation\'s libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) uses a NULL pointer in certain situations. which could allow an attacker to crash the server. | -- | Sep 23, 2022 |
