Librenms
by Librenms
Source repositories
CVEs (90)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-4982 | 0.00 | — | 0.01 | Sep 15, 2023 | Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0. | |||
| CVE-2023-4981 | 0.00 | — | 0.01 | Sep 15, 2023 | Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0. | |||
| CVE-2023-4980 | 0.00 | — | 0.01 | Sep 15, 2023 | Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 23.9.0. | |||
| CVE-2023-4978 | 0.00 | — | 0.01 | Sep 15, 2023 | Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0. | |||
| CVE-2023-4979 | 0.00 | — | 0.01 | Sep 15, 2023 | Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.9.0. | |||
| CVE-2023-4977 | 0.00 | — | 0.00 | Sep 15, 2023 | Code Injection in GitHub repository librenms/librenms prior to 23.9.0. | |||
| CVE-2023-4347 | 0.00 | — | 0.67 | Aug 15, 2023 | Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0. | |||
| CVE-2022-4069 | 0.00 | — | 0.93 | Nov 20, 2022 | Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0. | |||
| CVE-2022-4067 | 0.00 | — | 0.94 | Nov 20, 2022 | Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0. | |||
| CVE-2022-3516 | 0.00 | — | 0.00 | Nov 20, 2022 | Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0. | |||
| CVE-2022-4070 | 0.00 | — | 0.01 | Nov 20, 2022 | Insufficient Session Expiration in GitHub repository librenms/librenms prior to 22.10.0. | |||
| CVE-2022-4068 | 0.00 | — | 0.34 | Nov 20, 2022 | A user is able to enable their own account if it was disabled by an admin while the user still holds a valid session. Moreover, the username is not properly sanitized in the admin user overview. This enables an XSS attack that enables an attacker with a low privilege user to… | |||
| CVE-2022-3561 | 0.00 | — | 0.01 | Nov 20, 2022 | Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0. | |||
| CVE-2022-3525 | 0.00 | — | 0.01 | Nov 20, 2022 | Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0. | |||
| CVE-2022-3231 | 0.00 | — | 0.01 | Sep 17, 2022 | Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.9.0. | |||
| CVE-2022-36746 | 0.00 | — | 0.00 | Aug 30, 2022 | LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component oxidized-cfg-check.inc.php. | |||
| CVE-2022-36745 | 0.00 | — | 0.00 | Aug 30, 2022 | LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component print-customoid.php. | |||
| CVE-2022-29712 | 0.00 | — | 0.02 | May 31, 2022 | LibreNMS v22.3.0 was discovered to contain multiple command injection vulnerabilities via the service_ip, hostname, and service_param parameters. | |||
| CVE-2022-29711 | 0.00 | — | 0.01 | May 31, 2022 | LibreNMS v22.3.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Table/GraylogController.php. | |||
| CVE-2022-0772 | 0.00 | — | 0.01 | Feb 27, 2022 | Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.2.2. |
- CVE-2023-4982Sep 15, 2023risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0.
- CVE-2023-4981Sep 15, 2023risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0.
- CVE-2023-4980Sep 15, 2023risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 23.9.0.
- CVE-2023-4978Sep 15, 2023risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0.
- CVE-2023-4979Sep 15, 2023risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.9.0.
- CVE-2023-4977Sep 15, 2023risk 0.00cvss —epss 0.00
Code Injection in GitHub repository librenms/librenms prior to 23.9.0.
- CVE-2023-4347Aug 15, 2023risk 0.00cvss —epss 0.67
Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0.
- CVE-2022-4069Nov 20, 2022risk 0.00cvss —epss 0.93
Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.
- CVE-2022-4067Nov 20, 2022risk 0.00cvss —epss 0.94
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.
- CVE-2022-3516Nov 20, 2022risk 0.00cvss —epss 0.00
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.
- CVE-2022-4070Nov 20, 2022risk 0.00cvss —epss 0.01
Insufficient Session Expiration in GitHub repository librenms/librenms prior to 22.10.0.
- CVE-2022-4068Nov 20, 2022risk 0.00cvss —epss 0.34
A user is able to enable their own account if it was disabled by an admin while the user still holds a valid session. Moreover, the username is not properly sanitized in the admin user overview. This enables an XSS attack that enables an attacker with a low privilege user to…
- CVE-2022-3561Nov 20, 2022risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.
- CVE-2022-3525Nov 20, 2022risk 0.00cvss —epss 0.01
Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0.
- CVE-2022-3231Sep 17, 2022risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.9.0.
- CVE-2022-36746Aug 30, 2022risk 0.00cvss —epss 0.00
LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component oxidized-cfg-check.inc.php.
- CVE-2022-36745Aug 30, 2022risk 0.00cvss —epss 0.00
LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component print-customoid.php.
- CVE-2022-29712May 31, 2022risk 0.00cvss —epss 0.02
LibreNMS v22.3.0 was discovered to contain multiple command injection vulnerabilities via the service_ip, hostname, and service_param parameters.
- CVE-2022-29711May 31, 2022risk 0.00cvss —epss 0.01
LibreNMS v22.3.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Table/GraylogController.php.
- CVE-2022-0772Feb 27, 2022risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.2.2.
Page 4 of 5