Filtered by vendor Tribe29
Subscribe
Total
46 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24566 | 1 Tribe29 | 1 Checkmk | 2022-03-02 | 3.5 LOW | 5.4 MEDIUM |
| In Checkmk <=2.0.0p19 fixed in 2.0.0p20 and Checkmk <=1.6.0p27 fixed in 1.6.0p28, the title of a Predefined condition is not properly escaped when shown as condition, which can result in Cross Site Scripting (XSS). | |||||
| CVE-2022-24565 | 1 Tribe29 | 1 Checkmk | 2022-03-02 | 3.5 LOW | 5.4 MEDIUM |
| Checkmk <=2.0.0p19 Fixed in 2.0.0p20 and Checkmk <=1.6.0p27 Fixed in 1.6.0p28 are affected by a Cross Site Scripting (XSS) vulnerability. The Alias of a site was not properly escaped when shown as condition for notifications. | |||||
| CVE-2022-24564 | 1 Tribe29 | 1 Checkmk | 2022-03-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| Checkmk <=2.0.0p19 contains a Cross Site Scripting (XSS) vulnerability. While creating or editing a user attribute, the Help Text is subject to HTML injection, which can be triggered for editing a user. | |||||
| CVE-2020-28919 | 1 Tribe29 | 1 Checkmk | 2022-01-21 | 3.5 LOW | 5.4 MEDIUM |
| A stored cross site scripting (XSS) vulnerability in Checkmk 1.6.0x prior to 1.6.0p19 allows an authenticated remote attacker to inject arbitrary JavaScript via a javascript: URL in a view title. | |||||
| CVE-2020-24908 | 1 Tribe29 | 1 Checkmk | 2021-02-25 | 7.2 HIGH | 7.8 HIGH |
| Checkmk before 1.6.0p17 allows local users to obtain SYSTEM privileges via a Trojan horse shell script in the %PROGRAMDATA%\checkmk\agent\local directory. | |||||
| CVE-2017-14955 | 1 Tribe29 | 1 Checkmk | 2019-10-17 | 4.3 MEDIUM | 5.9 MEDIUM |
| Check_MK before 1.2.8p26 mishandles certain errors within the failed-login save feature because of a race condition, which allows remote attackers to obtain sensitive user information by reading a GUI crash report. | |||||