CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13273
https://notcve.org/view.php?id=CVE-2019-13273
In Xymon through 4.3.28, a buffer overflow vulnerability exists in the csvinfo CGI script. The overflow may be exploited by sending a crafted GET request that triggers an sprintf of the srcdb parameter. En Xymon a través de 4.3.28, existe una vulnerabilidad de desbordamiento de búfer en el script CGI csvinfo. El desbordamiento se puede aprovechar enviando una solicitud GET creada que desencadena una sprintf del parámetro srcdb. • https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html • CWE-787: Out-of-bounds Write •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13274
https://notcve.org/view.php?id=CVE-2019-13274
In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CGI script due to insufficient filtering of the db parameter. En Xymon a través de 4.3.28, existe una vulnerabilidad XSS en el script CGI csvinfo debido a un filtrado insuficiente del parámetro db. • https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/csvinfo.c https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13451
https://notcve.org/view.php?id=CVE-2019-13451
In Xymon through 4.3.28, a buffer overflow vulnerability exists in history.c. En Xymon a través de 4.3.28, existe una vulnerabilidad de desbordamiento de búfer en history.c. • https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/history.c https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html https://lists.xymon.com/archive/2019-July/046570.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-13452
https://notcve.org/view.php?id=CVE-2019-13452
In Xymon through 4.3.28, a buffer overflow vulnerability exists in reportlog.c. En Xymon a través de 4.3.28, existe una vulnerabilidad de desbordamiento de búfer en reportlog.c. • https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/reportlog.c https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html https://lists.xymon.com/archive/2019-July/046570.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-13455
https://notcve.org/view.php?id=CVE-2019-13455
In Xymon through 4.3.28, a stack-based buffer overflow vulnerability exists in the alert acknowledgment CGI tool because of expansion in acknowledge.c. En Xymon a través de 4.3.28, existe una vulnerabilidad de desbordamiento de búfer basada en pila en la herramienta CGI de confirmación de alerta debido a expansión en acknowledge.c. • https://github.com/svn2github/xymon/blob/master/branches/4.3.28/web/acknowledge.c https://lists.debian.org/debian-lts-announce/2019/08/msg00032.html https://lists.xymon.com/archive/2019-July/046570.html • CWE-787: Out-of-bounds Write •