Proactive Insights and Support For Open-Source Applications
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
Get Started
Book a demo
  • Applications
  • Platform
  • Support
  • Resources
    • FAQ
    • Newsflash
    • OSSpedia
    • How-to Guides
    • Case Studies
    • Articles
  • Company
    • About Us
    • The OSS in Hossted
  • Contact
  • Home
  • Knowledge Base
  • Newsflash
  • DevOps
  • Monitoring

Monitoring

All OSSpediaArticlesHow ToNewsflashCase Studies
Don't Miss out!
Join our newsletter for exclusive updates on open source innovations.

    Selected category
    • Communication
      • Communication
    • Communication and Collaboration
      • Communication
    • Specialized Software
      • Educational
      • Graphic Design
    • Business and Enterprise Solutions
      • Productivity
      • Supply Chain Management (SCM)
      • CRM
      • E-commerce
      • CMS
      • Marketing Automation
      • ERP
    • Project and Agile Management
      • Project Management
      • IT Business Management
    • Infrastructure and Network
      • Networking
      • Storage
      • Security
    • DevOps
      • Mobile App Development
      • Backup and Recovery
      • Data Analytics
      • Web Development
      • Developer Stacks
      • Cloud Computing
      • Monitoring
      • Application Development
      • Developer Tools
    • Data Management and Analytics
      • Communication
      • Application Development
      • Analytics
      • Machine Learning
      • Database
      • Data Analytics
    8 Apr 2025 DevOps
    Zabbix: Regular User Can Exploit API to Run SQL Commands

    In Zabbix versions from 7.0.0 to 7.0.7 and from 7.2.0 to 7.2.1 a high severity vulnerability CVE-2024-36465 was detected. This vulnerability allows attackers with low-level API access to run SQL commands using the groupBy setting. Currently there is no fix version for this issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-36465.

    Read more
    Monitoring
    7 Apr 2025 DevOps
    Zabbix: DoS Vulnerability via Resource Exhaustion

    In Zabbix Server versions 6.0.0 up to 6.0.38, 7.0.0 up to 7.0.9, 7.2.0 up to 7.2.3 a medium severity vulnerability CVE-2024-45700 was detected. This vulnerability allows attackers to send specially crafted requests that cause excessive memory allocation and CPU-intensive decompression, ultimately leading to a service crash. To address this issue, users should upgrade Zabbix Server to versions 6.0.39rc1, 7.0.10rc1, 7.2.4rc1 or 7.4.0alpha1. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-45700.

    Read more
    Monitoring
    7 Apr 2025 DevOps
    Zabbix: Cross-Site Scripting (XSS) Vulnerability in Export Endpoint

    In Zabbix Server versions 6.0.0 up to 6.0.36, 6.4.0 up to 6.4.20 and 7.0.0 up to 7.0.6 a high severity vulnerability CVE-2024-45699 was detected. This vulnerability allows attackers to inject a JavaScript payload through the backurl parameter in the /zabbix.php?action=export.valuemaps endpoint, leading to a Cross-Site Scripting (XSS) attack. Currently, there is no fix version for this issue. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2024-45699.

    Read more
    Monitoring
    21 Jan 2025 DevOps
    LibreNMS: Stored XSS Vulnerability

    In LibreNMS versions up to 24.10.1 a medium severity vulnerability CVE-2025-23200 was detected. This vulnerability allows attackers to inject malicious scripts via a stored XSS on the parameter `state` in `ajax_form.php`, leading to potential unauthorized actions or data exposure. To address this issue, users should upgrade LibreNMS to version 24.11.0. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-23200.

    Read more
    Monitoring
    20 Jan 2025 DevOps
    Sentry: SSO Security Flaw

    In Sentry versions starting from 21.12.0 before 24.12.1 a medium severity vulnerability CVE-2025-22146 was detected. This vulnerability allows attackers to exploit Sentry’s SAML SSO to crash the application by sending posts with improperly formatted attachments. To fix this issue, users should upgrade Sentry to version 25.1.0. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2025-22146.

    Read more
    Monitoring
    20 Jan 2025 DevOps
    Librenms: Malicious Script Injection

    In Librenms versions up to 24.10.1 a medium severity vulnerability CVE-2025-23200 was detected. This vulnerability allows attackers to inject malicious scripts into Librenms, which can then execute when viewed by a user, potentially leading to unauthorized actions or data exposure. To fix this issue, users should upgrade Librenms to version 24.11.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2025-23200.

    Read more
    Monitoring
    20 Jan 2025 DevOps
    Librenms: Exploiting Stored XSS

    In Librenms versions up to 24.10.1 a medium severity vulnerability CVE-2025-23198 was detected. This vulnerability allows attackers to insert malicious scripts, which execute when a user interacts with the page, potentially resulting in unauthorized actions. To fix this issue, users should upgrade Librenms to version 24.11.0. For more details, visit https://nvd.nist.gov/vuln/detail/cve-2025-23198.

    Read more
    Monitoring
    17 Jan 2025 DevOps
    LibreNMS: Cross-site Scripting (XSS) Vulnerability

    In LibreNMS versions prior to 24.10.1 a medium severity vulnerability CVE-2025-23201 was detected. This vulnerability allows remote attackers to execute malicious scripts via the `/addhost` parameter `community`, leading to unauthorized actions or data exposure. To address this issue, users should upgrade LibreNMS to version 24.11.0 or later. For more details, visit https://nvd.nist.gov/vuln/detail/CVE-2025-23201.

    Read more
    Monitoring
    13 Jan 2025 DevOps
    Nagios XI: Cross-Site Scripting Vulnerability in Account Settings Page

    In Nagios XI version 2024R1.1.4 a medium severity vulnerability CVE-2024-42898 was detected. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter in the Account Settings page. Currently, there is no fix version for this issue. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-42898.

    Read more
    Monitoring
    Proactive Insights and Support For Open-Source Applications
    Contact us: Whatsapp
    Company
    • About Hossted
    • Data Processing Addendum
    Solutions
    • Applications
    • Support Plans
    • About Solution
    Resources
    • FAQ
    • Knowledge Base
    © HOSSTED 2025 All rights reserved
    • Privacy Policy
    • Terms and Conditions
    • Cookies Policy