Search CVE reports


Toggle filters

1 – 10 of 55 results


CVE-2024-49369

Medium priority
Needs evaluation

Icinga is a monitoring system which checks the availability of network resources, notifies users of outages, and generates performance data for reporting. The TLS certificate validation in all Icinga 2 versions starting from 2.4.0...

1 affected packages

icinga2

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icinga2 Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2024-41811

Medium priority
Needs evaluation

ipl/web is a set of common web components for php projects. Some of the recent development by Icinga is, under certain circumstances, susceptible to cross site request forgery. (CSRF). All affected products, in any version, will...

1 affected packages

icinga-php-library

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icinga-php-library Needs evaluation Needs evaluation Not in release
Show less packages

CVE-2024-24820

Medium priority
Needs evaluation

Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross site request...

1 affected packages

icingaweb2-module-director

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icingaweb2-module-director Needs evaluation Needs evaluation Needs evaluation
Show less packages

CVE-2022-38254

Medium priority
Needs evaluation

Nagios XI before v5.8.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the ajax.php script in CCM 3.1.5.

3 affected packages

icinga, nagios3, nagios4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icinga Not in release Not in release Needs evaluation Needs evaluation
nagios3 Not in release Not in release Needs evaluation Needs evaluation
nagios4 Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
Show less packages

CVE-2022-38251

Medium priority
Needs evaluation

Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Performance Settings page under the Admin panel.

3 affected packages

icinga, nagios3, nagios4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icinga Not in release Not in release Needs evaluation Needs evaluation
nagios3 Not in release Not in release Needs evaluation Needs evaluation
nagios4 Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
Show less packages

CVE-2022-38250

Medium priority
Needs evaluation

Nagios XI v5.8.6 was discovered to contain a SQL injection vulnerability via the mib_name parameter at the Manage MIBs page.

3 affected packages

icinga, nagios3, nagios4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icinga Not in release Not in release Needs evaluation Needs evaluation
nagios3 Not in release Not in release Needs evaluation Needs evaluation
nagios4 Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
Show less packages

CVE-2022-38249

Medium priority
Needs evaluation

Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the MTR component in version 1.0.4.

3 affected packages

icinga, nagios3, nagios4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icinga Not in release Not in release Needs evaluation Needs evaluation
nagios3 Not in release Not in release Needs evaluation Needs evaluation
nagios4 Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
Show less packages

CVE-2022-38248

Medium priority
Needs evaluation

Nagios XI before v5.8.7 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at auditlog.php.

3 affected packages

icinga, nagios3, nagios4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icinga Not in release Not in release Needs evaluation Needs evaluation
nagios3 Not in release Not in release Needs evaluation Needs evaluation
nagios4 Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
Show less packages

CVE-2022-38247

Medium priority
Needs evaluation

Nagios XI v5.8.6 was discovered to contain a cross-site scripting (XSS) vulnerability via the System Settings page under the Admin panel.

3 affected packages

icinga, nagios3, nagios4

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icinga Not in release Not in release Needs evaluation Needs evaluation
nagios3 Not in release Not in release Needs evaluation Needs evaluation
nagios4 Needs evaluation Needs evaluation Needs evaluation Not in release Ignored
Show less packages

CVE-2022-36032

Medium priority
Needs evaluation

ReactPHP HTTP is a streaming HTTP client and server implementation for ReactPHP. In ReactPHP's HTTP server component versions starting with 0.7.0 and prior to 1.7.0, when ReactPHP is processing incoming HTTP cookie values, the...

2 affected packages

icinga-php-thirdparty, icingaweb2-module-reactbundle

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
icinga-php-thirdparty Needs evaluation Needs evaluation Not in release Not in release Ignored
icingaweb2-module-reactbundle Needs evaluation Needs evaluation Not in release Not in release Ignored
Show less packages