Search CVE reports

1 – 10 of 14 results

Detailed view

Sort by:

CVE-2023-37154

Medium priority

Needs evaluation

check_by_ssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and PermitLocalCommand with \${IFS}. This has been categorized both as fixed in e8810de, and as intended behavior.

1 affected packages

monitoring-plugins

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
monitoring-plugins	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation	Needs evaluation

CVE-2022-26563

Medium priority

Some fixes available 5 of 6

An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attackers to gain escilated privlidges due to improper PAM-authorization.

1 affected packages

monit

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
monit	Not affected	Fixed	Fixed	Fixed	Fixed

CVE-2021-3325

Medium priority

Not affected

Monitorix 3.13.0 allows remote attackers to bypass Basic Authentication in a default installation (i.e., an installation without a hosts_deny option). This issue occurred because a new access-control feature was introduced without...

1 affected packages

monitorix

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
monitorix	—	—	Not affected	Not in release	Not in release

CVE-2019-11455

Medium priority

Some fixes available 5 of 6

A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. The attacker can also...

1 affected packages

monit

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
monit	—	Not affected	Not affected	Fixed	Fixed

CVE-2019-11454

Medium priority

Some fixes available 5 of 6

Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized user field of...

1 affected packages

monit

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
monit	—	Not affected	Not affected	Fixed	Fixed

CVE-2016-7067

Medium priority

Some fixes available 2 of 5

Monit before version 5.20.0 is vulnerable to a cross site request forgery attack. Successful exploitation will enable an attacker to disable/enable all monitoring for a particular host or disable/enable monitoring for a specific service.

1 affected packages

monit

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
monit	—	—	—	Not affected	Fixed

CVE-2013-0340

Medium priority

Ignored

expat 2.1.0 and earlier does not properly handle entities expansion unless an application developer uses the XML_SetEntityDeclHandler function, which allows remote attackers to cause a denial of service (resource consumption),...

40 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
apache2	—	—	—	—	—
apr-util	—	—	—	—	—
audacity	—	—	—	—	—
ayttm	—	—	—	—	—
cableswig	—	—	—	—	—
cadaver	—	—	—	—	—
celementtree	—	—	—	—	—
cmake	—	—	—	—	—
coin3	—	—	—	—	—
expat	—	—	—	—	—
gdcm	—	—	—	—	—
ghostscript	—	—	—	—	—
grmonitor	—	—	—	—	—
insighttoolkit	—	—	—	—	—
kompozer	—	—	—	—	—
libparagui1.1	—	—	—	—	—
matanza	—	—	—	—	—
paraview	—	—	—	—	—
poco	—	—	—	—	—
python-xml	—	—	—	—	—
python2.4	—	—	—	—	—
python2.5	—	—	—	—	—
python2.6	—	—	—	—	—
simgear	—	—	—	—	—
sitecopy	—	—	—	—	—
smart	—	—	—	—	—
swish-e	—	—	—	—	—
tdom	—	—	—	—	—
texlive-bin	—	—	—	—	—
tla	—	—	—	—	—
vnc4	—	—	—	—	—
vtk	—	—	—	—	—
w3c-libwww	—	—	—	—	—
wbxml2	—	—	—	—	—
wxwidgets2.6	—	—	—	—	—
wxwidgets2.8	—	—	—	—	—
wxwindows2.4	—	—	—	—	—
xmlrpc-c	—	—	—	—	—
xotcl	—	—	—	—	—
xulrunner	—	—	—	—	—

CVE-2012-1147

Low priority

Ignored

readfilemap.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (file descriptor consumption) via a large number of crafted XML files.

40 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
apache2	—	—	—	Ignored	Ignored
apr-util	—	—	—	Ignored	Ignored
audacity	—	—	—	Not affected	Not affected
ayttm	—	—	—	Not in release	Not affected
cableswig	—	—	—	Not in release	Not affected
cadaver	—	—	—	Not affected	Not affected
celementtree	—	—	—	Not in release	Not in release
cmake	—	—	—	Ignored	Ignored
coin3	—	—	—	Not affected	Not affected
expat	—	—	—	Not affected	Not affected
gdcm	—	—	—	Not affected	Not affected
ghostscript	—	—	—	Ignored	Ignored
grmonitor	—	—	—	Not in release	Not in release
insighttoolkit	—	—	—	Not in release	Not affected
kompozer	—	—	—	Not in release	Not in release
libparagui1.1	—	—	—	Not in release	Not in release
matanza	—	—	—	Not affected	Not affected
paraview	—	—	—	Not affected	Not affected
poco	—	—	—	Not affected	Not affected
python-xml	—	—	—	Not in release	Not in release
python2.4	—	—	—	Not in release	Not in release
python2.5	—	—	—	Not in release	Not in release
python2.6	—	—	—	Not in release	Not in release
simgear	—	—	—	Not affected	Not affected
sitecopy	—	—	—	Not affected	Not affected
smart	—	—	—	Ignored	Ignored
swish-e	—	—	—	Not affected	Not affected
tdom	—	—	—	Not affected	Not affected
texlive-bin	—	—	—	Ignored	Ignored
tla	—	—	—	Not affected	Not affected
vnc4	—	—	—	Ignored	Ignored
vtk	—	—	—	Not in release	Not affected
w3c-libwww	—	—	—	Not in release	Not in release
wbxml2	—	—	—	Not affected	Not affected
wxwidgets2.6	—	—	—	Not in release	Not in release
wxwidgets2.8	—	—	—	Not in release	Not in release
wxwindows2.4	—	—	—	Not in release	Not in release
xmlrpc-c	—	—	—	Ignored	Ignored
xotcl	—	—	—	Not affected	Not affected
xulrunner	—	—	—	Not in release	Not in release

CVE-2012-1148

Low priority

Some fixes available 40 of 398

Memory leak in the poolGrow function in expat/lib/xmlparse.c in expat before 2.1.0 allows context-dependent attackers to cause a denial of service (memory consumption) via a large number of crafted XML files that cause...

41 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
apache2	Not affected	Not affected	Not affected	Not affected	Not affected
apr-util	Not affected	Not affected	Not affected	Not affected	Not affected
audacity	Needs evaluation	Not affected	Not affected	Not affected	Not affected
ayttm	Not in release	Not in release	Not in release	Not in release	Vulnerable
cableswig	Not in release	Not in release	Not in release	Not in release	Vulnerable
cadaver	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
celementtree	Not in release	Not in release	Not in release	Not in release	Not in release
cmake	Not affected	Not affected	Not affected	Not affected	Not affected
coin3	Not affected	Not affected	Not affected	Vulnerable	Vulnerable
expat	Not affected	Not affected	Not affected	Not affected	Not affected
gdcm	Not affected	Not affected	Not affected	Not affected	Not affected
ghostscript	Not affected	Not affected	Not affected	Not affected	Not affected
grmonitor	Not in release	Not in release	Not in release	Not in release	Not in release
insighttoolkit	Not in release	Not in release	Not in release	Not in release	Vulnerable
kompozer	Not in release	Not in release	Not in release	Not in release	Not in release
libparagui1.1	Not in release	Not in release	Not in release	Not in release	Not in release
libxmltok	Vulnerable	Fixed	Fixed	Fixed	Fixed
matanza	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
paraview	Not affected	Not affected	Not affected	Not affected	Not affected
poco	Not affected	Not affected	Not affected	Not affected	Not affected
python-xml	Not in release	Not in release	Not in release	Not in release	Not in release
python2.4	Not in release	Not in release	Not in release	Not in release	Not in release
python2.5	Not in release	Not in release	Not in release	Not in release	Not in release
python2.6	Not in release	Not in release	Not in release	Not in release	Not in release
simgear	Not affected	Not affected	Not affected	Not affected	Not affected
sitecopy	Not in release	Not affected	Not affected	Not affected	Not affected
smart	Not in release	Not in release	Not in release	Not affected	Not affected
swish-e	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
tdom	Not affected	Not affected	Not affected	Not affected	Not affected
texlive-bin	Not affected	Not affected	Not affected	Not affected	Not affected
tla	Not affected	Not affected	Not affected	Not affected	Not affected
vnc4	Not in release	Not in release	Not in release	Ignored	Ignored
vtk	Not in release	Not in release	Not in release	Not in release	Not affected
w3c-libwww	Not in release	Not in release	Not in release	Not in release	Not in release
wbxml2	Not affected	Not affected	Not affected	Not affected	Not affected
wxwidgets2.6	Not in release	Not in release	Not in release	Not in release	Not in release
wxwidgets2.8	Not in release	Not in release	Not in release	Not in release	Not in release
wxwindows2.4	Not in release	Not in release	Not in release	Not in release	Not in release
xmlrpc-c	Fixed	Fixed	Fixed	Fixed	Fixed
xotcl	Not affected	Not affected	Not affected	Not affected	Not affected
xulrunner	Not in release	Not in release	Not in release	Not in release	Not in release

CVE-2012-0876

Medium priority

Some fixes available 36 of 388

The XML parser (xmlparse.c) in expat before 2.1.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption)...

41 affected packages

apache2, apr-util, audacity, ayttm, cableswig...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
apache2	Not affected	Not affected	Not affected	Not affected	Not affected
apr-util	Not affected	Not affected	Not affected	Not affected	Not affected
audacity	Needs evaluation	Not affected	Not affected	Not affected	Not affected
ayttm	Not in release	Not in release	Not in release	Not in release	Vulnerable
cableswig	Not in release	Not in release	Not in release	Not in release	Vulnerable
cadaver	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
celementtree	Not in release	Not in release	Not in release	Not in release	Not in release
cmake	Not affected	Not affected	Not affected	Not affected	Not affected
coin3	Not affected	Not affected	Not affected	Vulnerable	Vulnerable
expat	Not affected	Not affected	Not affected	Not affected	Not affected
gdcm	Not affected	Not affected	Not affected	Not affected	Not affected
ghostscript	Not affected	Not affected	Not affected	Not affected	Not affected
grmonitor	Not in release	Not in release	Not in release	Not in release	Not in release
insighttoolkit	Not in release	Not in release	Not in release	Not in release	Vulnerable
kompozer	Not in release	Not in release	Not in release	Not in release	Not in release
libparagui1.1	Not in release	Not in release	Not in release	Not in release	Not in release
libxmltok	Not affected	Not affected	Not affected	Not affected	Not affected
matanza	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
paraview	Not affected	Not affected	Not affected	Not affected	Not affected
poco	Not affected	Not affected	Not affected	Not affected	Not affected
python-xml	Not in release	Not in release	Not in release	Not in release	Not in release
python2.4	Not in release	Not in release	Not in release	Not in release	Not in release
python2.5	Not in release	Not in release	Not in release	Not in release	Not in release
python2.6	Not in release	Not in release	Not in release	Not in release	Not in release
simgear	Not affected	Not affected	Not affected	Not affected	Not affected
sitecopy	Not in release	Not affected	Not affected	Not affected	Not affected
smart	Not in release	Not in release	Not in release	Not affected	Not affected
swish-e	Vulnerable	Vulnerable	Vulnerable	Vulnerable	Vulnerable
tdom	Not affected	Not affected	Not affected	Not affected	Not affected
texlive-bin	Not affected	Not affected	Not affected	Not affected	Not affected
tla	Not affected	Not affected	Not affected	Not affected	Not affected
vnc4	Not in release	Not in release	Not in release	Ignored	Ignored
vtk	Not in release	Not in release	Not in release	Not in release	Not affected
w3c-libwww	Not in release	Not in release	Not in release	Not in release	Not in release
wbxml2	Not affected	Not affected	Not affected	Not affected	Not affected
wxwidgets2.6	Not in release	Not in release	Not in release	Not in release	Not in release
wxwidgets2.8	Not in release	Not in release	Not in release	Not in release	Not in release
wxwindows2.4	Not in release	Not in release	Not in release	Not in release	Not in release
xmlrpc-c	Fixed	Fixed	Fixed	Fixed	Fixed
xotcl	Not affected	Not affected	Not affected	Not affected	Not affected
xulrunner	Not in release	Not in release	Not in release	Not in release	Not in release

Export to JSON

Results by page: