cbcvebase.

Librenms Librenms vulnerabilities

25 known vulnerabilities affecting librenms/librenms_librenms.

Total CVEs
25
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM22

Vulnerabilities

Page 1 of 2
CVE-2022-3562P3MEDIUMCVSS 5.4≥ unspecified, < 22.10.02022-11-20
CVE-2022-3562 [MEDIUM] CWE-79 CVE-2022-3562: Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0. Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.
nvd
CVE-2022-4067P3MEDIUMCVSS 5.4≥ unspecified, < 22.10.02022-11-20
CVE-2022-4067 [MEDIUM] CWE-79 CVE-2022-4067: Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0. Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.
nvd
CVE-2023-5591P3MEDIUMCVSS 6.5≥ unspecified, < 23.10.02023-10-16
CVE-2023-5591 [MEDIUM] CWE-89 CVE-2023-5591: SQL Injection in GitHub repository librenms/librenms prior to 23.10.0. SQL Injection in GitHub repository librenms/librenms prior to 23.10.0.
nvd
CVE-2023-4347P3MEDIUMCVSS 5.4≥ unspecified, < 23.8.02023-08-15
CVE-2023-4347 [MEDIUM] CWE-79 CVE-2023-4347: Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0. Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0.
nvd
CVE-2022-3525P3HIGHCVSS 8.8≥ unspecified, < 22.10.02022-11-20
CVE-2022-3525 [HIGH] CWE-502 CVE-2022-3525: Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0. Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0.
nvd
CVE-2022-4069P4MEDIUMCVSS 4.8≥ unspecified, < 22.10.02022-11-20
CVE-2022-4069 [MEDIUM] CWE-79 CVE-2022-4069: Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0. Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.
nvd
CVE-2022-0580P3HIGHCVSS 8.8≥ unspecified, < 22.2.02022-02-14
CVE-2022-0580 [HIGH] CWE-863 CVE-2022-0580: Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0. Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0.
nvd
CVE-2022-4068P3MEDIUMCVSS 5.4≥ unspecified, < 22.10.02022-11-20
CVE-2022-4068 [MEDIUM] CWE-915 CVE-2022-4068: A user is able to enable their own account if it was disabled by an admin while the user still holds A user is able to enable their own account if it was disabled by an admin while the user still holds a valid session. Moreover, the username is not properly sanitized in the admin user overview. This enables an XSS attack that enables an attacker with a low privilege user to execute arbitrary JavaScript in the context of an admin's account.
nvd
CVE-2022-4070P3CRITICALCVSS 9.8≥ unspecified, < 22.10.02022-11-20
CVE-2022-4070 [CRITICAL] CWE-613 CVE-2022-4070: Insufficient Session Expiration in GitHub repository librenms/librenms prior to 22.10.0. Insufficient Session Expiration in GitHub repository librenms/librenms prior to 22.10.0.
nvd
CVE-2022-0588P4MEDIUMCVSS 6.5≥ unspecified, < 22.2.02022-02-15
CVE-2022-0588 [MEDIUM] CWE-862 CVE-2022-0588: Missing Authorization in Packagist librenms/librenms prior to 22.2.0. Missing Authorization in Packagist librenms/librenms prior to 22.2.0.
nvd
CVE-2022-0587P4MEDIUMCVSS 6.5≥ unspecified, < 22.2.02022-02-15
CVE-2022-0587 [MEDIUM] CWE-285 CVE-2022-0587: Improper Authorization in Packagist librenms/librenms prior to 22.2.0. Improper Authorization in Packagist librenms/librenms prior to 22.2.0.
nvd
CVE-2023-4977P4MEDIUMCVSS 5.4≥ unspecified, < 23.9.02023-09-15
CVE-2023-4977 [MEDIUM] CWE-94 CVE-2023-4977: Code Injection in GitHub repository librenms/librenms prior to 23.9.0. Code Injection in GitHub repository librenms/librenms prior to 23.9.0.
nvd
CVE-2023-4978P4MEDIUMCVSS 6.1≥ unspecified, < 23.9.02023-09-15
CVE-2023-4978 [MEDIUM] CWE-79 CVE-2023-4978: Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0. Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0.
nvd
CVE-2023-5060P4MEDIUMCVSS 6.1≥ unspecified, < 23.9.12023-09-19
CVE-2023-5060 [MEDIUM] CWE-79 CVE-2023-5060: Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.1. Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.1.
nvd
CVE-2023-4980P4MEDIUMCVSS 5.4≥ unspecified, < 23.9.02023-09-15
CVE-2023-4980 [MEDIUM] CWE-79 CVE-2023-4980: Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 23.9.0. Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 23.9.0.
nvd
CVE-2023-4982P4MEDIUMCVSS 5.4≥ unspecified, < 23.9.02023-09-15
CVE-2023-4982 [MEDIUM] CWE-79 CVE-2023-4982: Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0. Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0.
nvd
CVE-2023-4981P4MEDIUMCVSS 5.4≥ unspecified, < 23.9.02023-09-15
CVE-2023-4981 [MEDIUM] CWE-79 CVE-2023-4981: Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0. Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0.
nvd
CVE-2022-0576P4MEDIUMCVSS 6.1≥ unspecified, < 22.1.02022-02-14
CVE-2022-0576 [MEDIUM] CWE-79 CVE-2022-0576: Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms prior to 22.1.0. Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms prior to 22.1.0.
nvd
CVE-2022-3561P4MEDIUMCVSS 6.1≥ unspecified, < 22.10.02022-11-20
CVE-2022-3561 [MEDIUM] CWE-79 CVE-2022-3561: Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0. Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.
nvd
CVE-2022-3516P4MEDIUMCVSS 6.1≥ unspecified, < 22.10.02022-11-20
CVE-2022-3516 [MEDIUM] CWE-79 CVE-2022-3516: Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0. Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.
nvd
Librenms Librenms vulnerabilities | cvebase