nagios

301 tracked vulnerabilities.

CVE-2013-4214
Nagios Core < 3.5.1 - Arbitrary File Write via Symlink Attack on RSS Newsfeed Cache
Nov 23, 2013
EPSS 0.00
CVE-2013-1362
Opensuse < 2.13 - Improper Input Validation
Jul 09, 2013
EPSS 0.76
CVE-2012-10063 CRITICAL
Nagios XI <2012R1.3 - SQL Injection
Oct 30, 2025
CVSS 9.8
EPSS 0.01
CVE-2012-6096
Nagios Core < 3.4.4 / Icinga 1.6.x < 1.6.2, 1.7.x < 1.7.4, 1.8.x < 1.8.4 - Stack-Based Buffer Overflow
Jan 22, 2013
EPSS 0.80
CVE-2011-10040 MEDIUM
Nagios XI < 2011R1.9 - Cross-Site Scripting via Status Report Page Link Functions
Oct 30, 2025
CVSS 5.4
EPSS 0.00
CVE-2011-10039 MEDIUM
Nagios XI < 2011R1.9 - Cross-Site Scripting via Alert Heatmap Report and My Reports Listing
Oct 30, 2025
CVSS 5.4
EPSS 0.00
CVE-2011-10038 MEDIUM
Nagios XI < 2011R1.9 - Cross-Site Scripting via Recurring Downtime Script
Oct 30, 2025
CVSS 5.4
EPSS 0.00
CVE-2011-10037 MEDIUM
Nagios XI < 2011R1.9 - Cross-Site Scripting via xiwindow Variables in Permalinks
Oct 30, 2025
CVSS 5.4
EPSS 0.01
CVE-2011-10036 MEDIUM
Nagios XI < 2011R1.9 - Cross-Site Scripting via Backend URL JavaScript Link Handler
Oct 30, 2025
CVSS 5.4
EPSS 0.00
CVE-2011-10035 HIGH
Nagios XI < 2011R1.9 - Privilege Escalation via Crontab Install Script Race Condition
Oct 30, 2025
CVSS 7.0
EPSS 0.00
CVE-2011-2179
Icinga < 1.4.0 - Cross-Site Scripting via Expand Parameter
Jun 14, 2011
EPSS 0.30
CVE-2011-1523
Nagios < 3.2.3 - Cross-Site Scripting via statusmap.cgi layer Parameter
May 03, 2011
EPSS 0.01
CVE-2009-2288
Nagios < 3.1.1 - OS Command Injection via statuswml.cgi Ping or Traceroute Parameters
Jul 01, 2009
EPSS 0.93
CVE-2008-7313 CRITICAL
snoopy < 4.2.3 - Remote Command Execution via _httpsrequest Function
Mar 31, 2017
CVSS 9.8
EPSS 0.01
CVE-2008-6373
Nagios < 3.0.6 - Remote Code Execution via Adaptive External Commands
Mar 02, 2009
EPSS 0.00
CVE-2008-5028
Nagios < 3.0.4 - Cross-Site Request Forgery
Nov 10, 2008
EPSS 0.01
CVE-2008-5027
Nagios < 3.0.5 - Authenticated Arbitrary Program Execution via Custom Form or Browser Addon
Nov 10, 2008
EPSS 0.01
CVE-2008-4796
Snoopy < 1.2.3 - OS Command Injection via HTTPS URL Shell Metacharacters
Oct 30, 2008
EPSS 0.01
CVE-2008-1360
Nagios < 2.11 - Cross-Site Scripting via CGI Scripts
Mar 17, 2008
EPSS 0.00
CVE-2007-5803
Nagios < 2.12 - Cross-Site Scripting
May 13, 2008
EPSS 0.00
CVE-2007-5623
Nagios Plugins 1.4.10 - Denial of Service via SNMP Reply Buffer Overflow
Oct 23, 2007
EPSS 0.01
CVE-2007-5624
Nagios < 2.9 - Cross-Site Scripting via CGI Scripts
Oct 23, 2007
EPSS 0.00
CVE-2007-5198
Nagios Plugins < 1.4.9 - Buffer Overflow via Location Header with Leading 'L' Characters
Oct 04, 2007
EPSS 0.17
CVE-2006-2489
Nagios 1.x < 1.4.1 and 2.x < 2.3.1 - Remote Code Execution via Content-Length Header Overflow
May 19, 2006
EPSS 0.02
CVE-2006-2162
Nagios < 1.3 - Remote Code Execution via Negative Content-Length HTTP Header
May 03, 2006
EPSS 0.01
Products
nagios_xi 192 nagios 37 log_server 23 fusion 19 network_analyzer 7 nagios_core 5 XI 3 incident_manager 3 plugins 3 remote_plug_in_executor 3 Log Server 2 Nagios XI 2 favorites 2 nagios_cross_platform_agent 2 business_process_intelligence 1 nagios_network_analyzer 1 nagios_xi_docker_wizard 1 nagios_xi_switch_wizard 1 nagios_xi_watchguard_wizard 1 ndoutils 1 remote_plugin_executor 1
Quick Filters
Critical CVEs With Exploits In CISA KEV