VYPR

Plugins

by Nagios

Source repositories

CVEs (8)

  • CVE-2023-37154HigOct 9, 2024
    risk 0.48cvss 8.4epss 0.00

    check_by_ssh in Nagios nagios-plugins 2.4.5 allows arbitrary command execution via ProxyCommand, LocalCommand, and PermitLocalCommand with \${IFS}. This has been categorized both as fixed in e8810de, and as intended behavior.

  • CVE-2026-6342MedMay 18, 2026
    risk 0.28cvss 4.3epss 0.00

    Mattermost Plugins versions <=11.5 11.1.5 10.13.11 11.3.4.0 fail to appropriately check for valid namespaces which allows plugin users to create subscriptions to groups that were not whitelisted via creating groups that share the same prefix as a whitelisted group. Mattermost…

  • CVE-2007-5198Oct 4, 2007
    risk 0.04cvss epss 0.08

    Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when running with the -f (follow) option, allows remote web servers to execute arbitrary code via Location header responses (redirects) with a large number of leading "L" characters.

  • CVE-2014-4703Dec 5, 2014
    risk 0.03cvss epss 0.01

    lib/parse_ini.c in Nagios Plugins 2.0.2 allows local users to obtain sensitive information via a symlink attack on the configuration file in the extra-opts flag. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4701.

  • CVE-2014-4702Dec 5, 2014
    risk 0.00cvss epss 0.00

    The check_icmp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4701.

  • CVE-2014-4701Dec 5, 2014
    risk 0.00cvss epss 0.01

    The check_dhcp plugin in Nagios Plugins before 2.0.2 allows local users to obtain sensitive information from INI configuration files via the extra-opts flag, a different vulnerability than CVE-2014-4702.

  • CVE-2013-4215May 5, 2014
    risk 0.00cvss epss 0.00

    The IPXPING_COMMAND in contrib/check_ipxping.c in Nagios Plugins 1.4.16 allows local users to gain privileges via a symlink attack on /tmp/ipxping/ipxping.

  • CVE-2007-5623Oct 23, 2007
    risk 0.00cvss epss 0.03

    Buffer overflow in the check_snmp function in Nagios Plugins (nagios-plugins) 1.4.10 allows remote attackers to cause a denial of service (crash) via crafted snmpget replies.