← Back

Collectd

collectd

5 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Collectd
collectd
5 CVEs

CVEs (5)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-18240
1Collectd
1Collectd
Nov 21, 2024
Mar 19, 2018
N/A· v4
5.5 MEDIUM· v3
4.9 MEDIUM· v2
The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access to this account for P...Show more
The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL (when the service is stopped).Show less
CVE-2017-16820
1Collectd
1Collectd
May 13, 2026
Nov 14, 2017
N/A· v4
9.8 CRITICAL· v3
10.0 HIGH· v2
The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which could lead to a crash (or potentially have other impact).
CVE-2017-7401
1Collectd
1Collectd
May 13, 2026
Apr 3, 2017
N/A· v4
7.5 HIGH· v3
5.0 MEDIUM· v2
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (c...Show more
Incorrect interaction of the parse_packet() and parse_part_sign_sha256() functions in network.c in collectd 5.7.1 and earlier allows remote attackers to cause a denial of service (infinite loop) of a collectd instance (configured with "SecurityLevel None" and with empty "AuthFile" options) via a crafted UDP packet.Show less
CVE-2016-6254
3Collectd
DebianFedoraproject
3Collectd
Debian LinuxFedora
May 6, 2026
Aug 19, 2016
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code vi...Show more
Heap-based buffer overflow in the parse_packet function in network.c in collectd before 5.4.3 and 5.x before 5.5.2 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet.Show less
CVE-2010-4336
1Collectd
1Collectd
Apr 29, 2026
Dec 17, 2010
N/A· v4
N/A· v3
5.0 MEDIUM· v2
The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service (assertion failure) via a packet with a timestamp whose value is...Show more
The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service (assertion failure) via a packet with a timestamp whose value is 10 or less, as demonstrated by creating RRD files using the (1) RRDtool and (2) RRDCacheD plugins.Show less