Vulnerabilities > Nagios > Nagios Core > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-12-17 | CVE-2018-18245 | Cross-site Scripting vulnerability in multiple products Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE. | 5.4 |
| 2018-07-12 | CVE-2018-13458 | NULL Pointer Dereference vulnerability in Nagios Core qh_core in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | 5.5 |
| 2018-07-12 | CVE-2018-13457 | NULL Pointer Dereference vulnerability in Nagios Core qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. | 5.5 |