pkg:Debian/xymon

19 total CVEsCRITICAL12HIGH2MEDIUM2LOW1

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2019-13486In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of   expansion in svcstatus.c.
    from 0, < 4.3.29-1
  • CRITICAL9.8CVE-2019-13485In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service…
    from 0, < 4.3.29-1
  • CRITICAL9.8CVE-2019-13484In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of &nbsp; expansion in appfeed.c.
    from 0, < 4.3.29-1
  • CRITICAL9.8CVE-2019-13455In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of &nbsp; expansio…
    from 0, < 4.3.29-1
  • CRITICAL9.8CVE-2019-13452In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c.
    from 0, < 4.3.29-1
  • CRITICAL9.8CVE-2019-13451In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c.
    from 0, < 4.3.29-1
  • CRITICAL9.8CVE-2019-13273xymon - security update
    from 0, < 4.3.17-6+deb8u2
  • CRITICAL9.8CVE-2019-13273xymon - security update
    from 0, < 4.3.29-1
  • CRITICAL9.8CVE-2015-1430Buffer overflow in xymon 4.3.17-1.
    from 0, < 4.3.17-5
  • CRITICAL9.8CVE-2016-2054xymon - security update
    from 0, < 4.3.17-6+deb8u1
  • CRITICAL9.8CVE-2016-2054xymon - security update
    from 0, < 4.3.25-1
  • CRITICAL9.8CVE-2016-2054xymon - security update
    from 0, < 4.3.0~beta2.dfsg-9.1+deb7u1
  • HIGH8.8CVE-2016-2056xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote authenticated users to execute arbitrary commands via shell metacharacte…
    from 0, < 4.3.25-1
  • HIGH7.5CVE-2016-2055xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to read arbitrary files in the configuratio…
    from 0, < 4.3.25-1
  • MEDIUM6.1CVE-2019-13274In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter.
    from 0, < 4.3.29-1
  • MEDIUM5.4CVE-2016-2058Multiple cross-site scripting (XSS) vulnerabilities in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow (1) remote Xymon clients to inject…
    from 0, < 4.3.25-1
  • LOW3.3CVE-2016-2057lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 use weak permissions (666) for an unspecified IPC message queue, which allo…
    from 0, < 4.3.25-1
  • CVE-2013-4173Directory traversal vulnerability in the trend-data daemon (xymond_rrd) in Xymon 4.x before 4.3.12 allows remote attackers to delete arbitr…
    from 0, < 4.3.17-2
  • CVE-2011-1716Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Xymon before 4.3.1 allow remote attackers to inject arbitrary web scri…
    from 0, < 4.3.7-1