Skip to main content

Monit

3 CVEs product

Monthly

CVE-2019-11455 HIGH POC PATCH This Week

A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Information Disclosure Monit Debian Linux +2
NVD GitHub
CVSS 3.1
8.1
EPSS
3.1%
CVE-2019-11454 MEDIUM POC PATCH This Month

Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Monit Ubuntu Linux Debian Linux Fedora
NVD GitHub
CVSS 3.1
6.1
EPSS
2.4%
CVE-2019-11393 CRITICAL POC Act Now

An issue was discovered in /admin/users/update in M/Monit before 3.7.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Monit
NVD Exploit-DB
CVSS 3.0
9.8
EPSS
2.1%
EPSS 3% CVSS 8.1
HIGH POC PATCH This Week

A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Denial Of Service Buffer Overflow Information Disclosure +4
NVD GitHub
EPSS 2% CVSS 6.1
MEDIUM POC PATCH This Month

Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipulation of an unsanitized. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Monit Ubuntu Linux +2
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL POC Act Now

An issue was discovered in /admin/users/update in M/Monit before 3.7.3. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Privilege Escalation Monit
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy