Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Nagios Subscribe
Filtered by product Remote Plug In Executor
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-6582 2 Fedoraproject, Nagios 2 Fedora, Remote Plug In Executor 2022-04-18 5.0 MEDIUM 7.5 HIGH
Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call.
CVE-2020-6581 2 Fedoraproject, Nagios 2 Fedora, Remote Plug In Executor 2021-07-21 3.7 LOW 7.3 HIGH
Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). This can cause command injection.
CVE-2013-1362 2 Nagios, Opensuse 2 Remote Plug In Executor, Opensuse 2018-10-30 7.5 HIGH N/A
Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plug-In Executor (NRPE) before 2.14 might allow remote attackers to execute arbitrary shell commands via "$()" shell metacharacters, which are processed by bash.