Every CVE whose affected-product data names Ntop Ntopng, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2017-5473 — CVSS 8.8 (high): Cross-site request forgery (CSRF) vulnerability in ntopng through 2.4 allows remote attackers to hijack the authentication of arbitrary…
CVE-2018-12520 — CVSS 8.1 (high): An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of session IDs is not seeded at program…
CVE-2017-7458 — CVSS 7.5 (high): The NetworkInterface::getHost function in NetworkInterface.cpp in ntopng before 3.0 allows remote attackers to cause a denial of service…
CVE-2015-8368 — CVSS 6.0 (medium): ntopng (aka ntop) before 2.2 allows remote authenticated users to change the login context and gain privileges via the user cookie and…
CVE-2014-4329 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ntopng 1.1 allows remote attackers to inject arbitrary web script or…
CVE-2014-5464 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the nDPI traffic classification library in ntopng (aka ntop) before 1.2.1 allows remote…