Tildeslash » Monit » 1.4 : Security Vulnerabilities, CVEs, CVSS score >= 2
An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attackers to gain escilated privlidges due to improper PAM-authorization.
Max CVSS
8.8
EPSS Score
0.10%
Published
2023-07-18
Updated
2023-07-27
A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulation of GET or POST parameters. The attacker can also cause a denial of service (application outage).
Max CVSS
8.1
EPSS Score
0.16%
Published
2019-04-22
Updated
2022-03-31
An issue was discovered in /admin/users/update in M/Monit before 3.7.3. It allows unprivileged users to escalate their privileges to an administrator by requesting a password change and specifying the admin parameter.
Max CVSS
9.8
EPSS Score
7.98%
Published
2019-04-22
Updated
2019-04-30
The administration interface in Monit 1.4 through 4.2 allows remote attackers to cause an off-by-one overflow via a POST that contains 1024 bytes.
Max CVSS
5.0
EPSS Score
3.63%
Published
2004-12-31
Updated
2017-07-11
Stack-based buffer overflow in the administration interface in Monit 1.4 through 4.2 allows remote attackers to execute arbitrary code via a long username.
Max CVSS
10.0
EPSS Score
20.98%
Published
2004-12-31
Updated
2017-07-11
Monit 1.4 to 4.1 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request with a negative Content-Length field.
Max CVSS
5.0
EPSS Score
6.47%
Published
2003-11-24
Updated
2017-07-11
Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code via a long HTTP request.
Max CVSS
10.0
EPSS Score
13.15%
Published
2003-12-31
Updated
2017-07-11
7 vulnerabilities found