Xymon : Security Vulnerabilities, CVEs, CVSS score >= 9
In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of expansion in svcstatus.c.
Max CVSS
9.8
EPSS Score
0.29%
Published
2019-08-27
Updated
2020-08-24
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or service parameter to history.c.
Max CVSS
9.8
EPSS Score
0.41%
Published
2019-08-27
Updated
2020-08-24
In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of expansion in appfeed.c.
Max CVSS
9.8
EPSS Score
0.29%
Published
2019-08-27
Updated
2019-08-28
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c.
Max CVSS
9.8
EPSS Score
0.47%
Published
2019-08-27
Updated
2020-08-24
In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c.
Max CVSS
9.8
EPSS Score
0.29%
Published
2019-08-27
Updated
2019-08-28
In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c.
Max CVSS
9.8
EPSS Score
0.29%
Published
2019-08-27
Updated
2019-08-28
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter.
Max CVSS
9.8
EPSS Score
0.22%
Published
2019-08-27
Updated
2020-08-24
Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a long filename, involving handling a "config" command.
Max CVSS
9.8
EPSS Score
6.84%
Published
2016-04-13
Updated
2018-10-09
Buffer overflow in xymon 4.3.17-1.
Max CVSS
9.8
EPSS Score
0.31%
Published
2017-08-28
Updated
2017-08-31
9 vulnerabilities found