Nagios Core
By the Year
In 2024 there have been 0 vulnerabilities in Nagios Core . Nagios Core did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 8.80 |
| 2019 | 0 | 0.00 |
| 2018 | 3 | 5.47 |
It may take a day or so for new Nagios Core vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Nagios Core Security Vulnerabilities
Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross-Site Request Forgery (CSRF) in many functions
CVE-2020-35269
8.8 - High
- December 23, 2020
Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross-Site Request Forgery (CSRF) in many functions, like adding deleting for hosts or servers.
Session Riding
Nagios Core 4.4.2 has XSS
CVE-2018-18245
5.4 - Medium
- December 17, 2018
Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.
XSS
qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which
CVE-2018-13457
5.5 - Medium
- July 12, 2018
qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
NULL Pointer Dereference
qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which
CVE-2018-13458
5.5 - Medium
- July 12, 2018
qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket.
NULL Pointer Dereference
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Nagios Core or by Nagios? Click the Watch button to subscribe.
