Product

xymon

16 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2019-13486
<= 4.3.28
In Xymon through 4.3.28, a stack-based buffer overflow exists in the status-log viewer component because of &nbsp; expansion in sv
9.8 CRITICAL
CVE-2019-13485
<= 4.3.28
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the history viewer component via a long hostname or
9.8 CRITICAL
CVE-2019-13484
<= 4.3.28
In Xymon through 4.3.28, a buffer overflow exists in the status-log viewer CGI because of &nbsp; expansion in appfeed.c.
9.8 CRITICAL
CVE-2019-13455
<= 4.3.28
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of &nbsp;
9.8 CRITICAL
CVE-2019-13452
<= 4.3.28
In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c.
9.8 CRITICAL
CVE-2019-13451
<= 4.3.28
In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c.
9.8 CRITICAL
CVE-2019-13274
<= 4.3.28
In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter.
6.1 MEDIUM
CVE-2019-13273
<= 4.3.28
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sendin
9.8 CRITICAL
CVE-2015-1430
all versions
Buffer overflow in xymon 4.3.17-1.
9.8 CRITICAL
CVE-2016-2058
all versions
Multiple cross-site scripting (XSS) vulnerabilities in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow (1) remote Xymon clients
5.4 MEDIUM
CVE-2016-2057
all versions
lib/xymond_ipc.c in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 uses weak permissions (666) for an unspecified IPC message queue, w
3.3 LOW
CVE-2016-2056
all versions
xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allows remote authenticated users to execute arbitrary commands via shell met
8.8 HIGH
CVE-2016-2055
all versions
xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allows remote attackers to read arbitrary files in the con
7.5 HIGH
CVE-2016-2054
all versions
Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to ex
9.8 CRITICAL
CVE-2013-4173
<= 4.3.1
Directory traversal vulnerability in the trend-data daemon (xymond_rrd) in Xymon 4.x before 4.3.12 allows remote attackers to dele
CVE-2011-1716
<= 4.3.0
Multiple cross-site scripting (XSS) vulnerabilities in the Web UI in Xymon before 4.3.1 allow remote attackers to inject arbitrary