Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Librenms Subscribe
Filtered by product Librenms
Total 43 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-4068 1 Librenms 1 Librenms 2022-11-29 N/A 5.4 MEDIUM
A user is able to enable their own account if it was disabled by an admin while the user still holds a valid session. Moreover, the username is not properly sanitized in the admin user overview. This enables an XSS attack that enables an attacker with a low privilege user to execute arbitrary JavaScript in the context of an admin's account.
CVE-2022-4070 1 Librenms 1 Librenms 2022-11-21 N/A 9.8 CRITICAL
Insufficient Session Expiration in GitHub repository librenms/librenms prior to 22.10.0.
CVE-2022-4069 1 Librenms 1 Librenms 2022-11-21 N/A 4.8 MEDIUM
Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.
CVE-2022-4067 1 Librenms 1 Librenms 2022-11-21 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.
CVE-2022-3562 1 Librenms 1 Librenms 2022-11-21 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.
CVE-2022-3561 1 Librenms 1 Librenms 2022-11-21 N/A 6.1 MEDIUM
Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.
CVE-2022-3525 1 Librenms 1 Librenms 2022-11-21 N/A 8.8 HIGH
Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0.
CVE-2022-3516 1 Librenms 1 Librenms 2022-11-21 N/A 6.1 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.
CVE-2022-3231 1 Librenms 1 Librenms 2022-09-20 N/A 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.9.0.
CVE-2022-36746 1 Librenms 1 Librenms 2022-09-01 N/A 6.1 MEDIUM
LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component oxidized-cfg-check.inc.php.
CVE-2022-36745 1 Librenms 1 Librenms 2022-09-01 N/A 6.1 MEDIUM
LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component print-customoid.php.
CVE-2022-29711 1 Librenms 1 Librenms 2022-06-09 4.3 MEDIUM 6.1 MEDIUM
LibreNMS v22.3.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Table/GraylogController.php.
CVE-2022-29712 1 Librenms 1 Librenms 2022-06-09 7.5 HIGH 9.8 CRITICAL
LibreNMS v22.3.0 was discovered to contain multiple command injection vulnerabilities via the service_ip, hostname, and service_param parameters.
CVE-2022-0772 1 Librenms 1 Librenms 2022-03-07 3.5 LOW 4.8 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.2.2.
CVE-2022-0580 1 Librenms 1 Librenms 2022-02-22 6.5 MEDIUM 8.8 HIGH
Improper Access Control in Packagist librenms/librenms prior to 22.2.0.
CVE-2022-0576 1 Librenms 1 Librenms 2022-02-22 4.3 MEDIUM 6.1 MEDIUM
Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms prior to 22.1.0.
CVE-2022-0575 1 Librenms 1 Librenms 2022-02-22 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.2.0.
CVE-2022-0588 1 Librenms 1 Librenms 2022-02-22 4.0 MEDIUM 6.5 MEDIUM
Exposure of Sensitive Information to an Unauthorized Actor in Packagist librenms/librenms prior to 22.2.0.
CVE-2022-0587 1 Librenms 1 Librenms 2022-02-22 4.0 MEDIUM 6.5 MEDIUM
Improper Authorization in Packagist librenms/librenms prior to 22.2.0.
CVE-2022-0589 1 Librenms 1 Librenms 2022-02-22 3.5 LOW 5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.1.0.