The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Nagios Open Source

Nagios Core: Cross Site Scripting via Plugin Output
An attacker can trigger a Cross Site Scripting via Plugin Output of Nagios Core, in order to run JavaScript code in the context of the web site...
CERTFR-2019-AVI-026, CERTFR-2019-AVI-046, CVE-2018-18245, DLA-1615-1, FEDORA-2019-0b44528ff1, FEDORA-2019-376ecc221c, openSUSE-SU-2020:0500-1, openSUSE-SU-2020:0517-1, VIGILANCE-VUL-28045
Nagios Core: NULL pointer dereference via qh_core
An attacker can force a NULL pointer to be dereferenced via qh_core of Nagios Core, in order to trigger a denial of service...
CVE-2018-13458, FEDORA-2019-0b44528ff1, FEDORA-2019-376ecc221c, openSUSE-SU-2020:0500-1, openSUSE-SU-2020:0517-1, VIGILANCE-VUL-26737
Nagios Core: NULL pointer dereference via qh_echo
An attacker can force a NULL pointer to be dereferenced via qh_echo of Nagios Core, in order to trigger a denial of service...
CVE-2018-13457, FEDORA-2019-0b44528ff1, FEDORA-2019-376ecc221c, openSUSE-SU-2020:0500-1, openSUSE-SU-2020:0517-1, VIGILANCE-VUL-26736
Nagios Core: NULL pointer dereference via qh_help
An attacker can force a NULL pointer to be dereferenced via qh_help of Nagios Core, in order to trigger a denial of service...
CVE-2018-13441, FEDORA-2019-0b44528ff1, FEDORA-2019-376ecc221c, openSUSE-SU-2020:0500-1, openSUSE-SU-2020:0517-1, VIGILANCE-VUL-26735
Nagios: privilege escalation via nagios.cfg
An attacker can bypass restrictions via nagios.cfg of Nagios, in order to escalate his privileges...
CVE-2017-14312, FEDORA-2017-9d345f250a, FEDORA-2017-d270e932a3, VIGILANCE-VUL-23809
Nagios: denial of service via nagios.lock PID File
An attacker can generate a fatal error via nagios.lock PID File of Nagios, in order to trigger a denial of service...
CVE-2017-12847, VIGILANCE-VUL-23605
Nagios: Cross Site Scripting via corewindow
An attacker can trigger a Cross Site Scripting via corewindow of Nagios, in order to run JavaScript code in the context of the web site...
CVE-2016-6209, VIGILANCE-VUL-22311
Nagios: privilege escalation via /etc/init.d/nagios
A local attacker with privileges of the nagios user, can create a hard link, to force /etc/init.d/nagios of Nagios to change the owner of a file belonging to root...
CVE-2016-10089, openSUSE-SU-2018:3258-1, SUSE-SU-2018:3240-1, VIGILANCE-VUL-21495
Nagios: privilege escalation
An attacker can bypass restrictions of Nagios, in order to escalate his privileges...
CERTFR-2016-AVI-399, CVE-2016-9566, DLA-1615-1, DLA-751-1, openSUSE-SU-2017:0146-1, USN-3253-1, USN-3253-2, VIGILANCE-VUL-21328
Nagios Open Source: code execution via the RSS interface
An attacker can use a vulnerability via a PHP class implementing RSS in Nagios Open Source, in order to run code...
CVE-2016-9565, DLA-751-1, VIGILANCE-VUL-21395
Our database contains other pages. You can request a free trial to read them.

Display information about Nagios Open Source: