Vulnerabilities in Checkmk GmbH
81 resultsCVE-2023-31209HIGHCommand injection via active checks and REST APIEPSS 1.0%CVE-2023-31208HIGHLivestatus command injection in RestAPIEPSS 1.0%CVE-2023-6157HIGHLivestatus injection in ajax_searchEPSS 0.9%CVE-2023-6156HIGHLivestatus injection in availability timelineEPSS 0.9%CVE-2025-1712HIGHArbitrary file write with vcrtraceEPSS 0.7%CVE-2024-38865MEDIUMLivestatus command injection in RestAPIEPSS 0.6%CVE-2025-39664HIGHPath-Traversal in report schedulerEPSS 0.6%CVE-2023-23549LOWDoS via long hostnamesEPSS 0.6%CVE-2023-22348MEDIUMReading host_configs does not honour contact groupsEPSS 0.6%CVE-2025-39663HIGHCross Site Scripting through compromised remote siteEPSS 0.6%CVE-2023-31210HIGHPrivilege escalation in agent via LD_LIBRARY_PATHEPSS 0.5%CVE-2024-6163MEDIUMlocal IP restriction of internal HTTP endpointsEPSS 0.5%CVE-2024-28825MEDIUMBrute-force protection ineffective for some login methodsEPSS 0.5%CVE-2023-31211HIGHDisabled automation users could still authenticateEPSS 0.5%CVE-2024-28826HIGHUnrestricted upload and download paths in check_sftpEPSS 0.5%CVE-2024-6542MEDIUMLivestatus injection in mknotifydEPSS 0.5%CVE-2024-8606CRITICALFix 2FA bypass via RestAPIEPSS 0.4%CVE-2024-38859MEDIUMXSS in view page with SLA columnEPSS 0.4%CVE-2024-38863LOWCSRF token leaked in URL parametersEPSS 0.4%CVE-2024-28833MEDIUMMissing brute-force protection for two factor authenticationEPSS 0.4%