Filtered by vendor Nagios Subscriptions
Total 176 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2009-2288 1 Nagios 1 Nagios 2024-11-21 N/A
statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) ping or (2) Traceroute parameters.
CVE-2008-7313 3 Nagios, Redhat, Snoopy 3 Nagios, Openstack, Snoopy 2024-11-21 N/A
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE: this issue exists dues to an incomplete fix for CVE-2008-4796.
CVE-2008-6373 1 Nagios 1 Nagios 2024-11-21 N/A
Unspecified vulnerability in Nagios before 3.0.6 has unspecified impact and remote attack vectors related to CGI programs, "adaptive external commands," and "writing newlines and submitting service comments."
CVE-2008-5028 2 Nagios, Op5 2 Nagios, Monitor 2024-11-21 N/A
Cross-site request forgery (CSRF) vulnerability in cmd.cgi in (1) Nagios 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote attackers to send commands to the Nagios process, and trigger execution of arbitrary programs by this process, via unspecified HTTP requests.
CVE-2008-5027 2 Nagios, Op5 2 Nagios, Monitor 2024-11-21 N/A
The Nagios process in (1) Nagios before 3.0.5 and (2) op5 Monitor before 4.0.1 allows remote authenticated users to bypass authorization checks, and trigger execution of arbitrary programs by this process, via an (a) custom form or a (b) browser addon.
CVE-2008-4796 4 Debian, Nagios, Snoopy Project and 1 more 4 Debian Linux, Nagios, Snoopy and 1 more 2024-11-21 N/A
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1) ampache, (2) libphp-snoopy, (3) mahara, (4) mediamate, (5) opendb, (6) pixelpost, and possibly other products, allows remote attackers to execute arbitrary commands via shell metacharacters in https URLs.
CVE-2008-1360 1 Nagios 1 Nagios 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Nagios before 2.11 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts, a different issue than CVE-2007-5624.
CVE-2007-5803 1 Nagios 1 Nagios 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in CGI programs in Nagios before 2.12 might allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-5624 and CVE-2008-1360.
CVE-2007-5624 1 Nagios 1 Nagios 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts.
CVE-2007-5623 1 Nagios 1 Plugins 2024-11-21 N/A
Buffer overflow in the check_snmp function in Nagios Plugins (nagios-plugins) 1.4.10 allows remote attackers to cause a denial of service (crash) via crafted snmpget replies.
CVE-2007-5198 1 Nagios 1 Plugins 2024-11-21 N/A
Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of leading "L" characters.
CVE-2006-2489 1 Nagios 1 Nagios 2024-11-21 N/A
Integer overflow in CGI scripts in Nagios 1.x before 1.4.1 and 2.x before 2.3.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a content length (Content-Length) HTTP header. NOTE: this is a different vulnerability than CVE-2006-2162.
CVE-2006-2162 1 Nagios 1 Nagios 2024-11-21 N/A
Buffer overflow in CGI scripts in Nagios 1.x before 1.4 and 2.x before 2.3 allows remote attackers to execute arbitrary code via a negative content length (Content-Length) HTTP header.
CVE-2002-1959 1 Nagios 1 Nagios 2024-11-21 N/A
Nagios 1.0b1 through 1.0b3 allows remote attackers to execute arbitrary commands via shell metacharacters in plugin output.
CVE-2023-48082 1 Nagios 1 Xi 2024-10-25 9.1 Critical
Nagios XI before 2024R1 was discovered to improperly handle API keys generation (randomly-generated), allowing attackers to possibly generate the same set of API keys for all users and utilize them to authenticate.
CVE-2023-37154 1 Nagios 1 Plugins 2024-10-10 8.4 High
check_by_ssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and PermitLocalCommand with \${IFS}. This has been categorized both as fixed in e8810de, and as intended behavior.