librenms/librenms Security Advisories for 22.10.0 (16)
-
[HIGH] LibreNMS vulnerable to a Time-Based Blind SQL injection leads to database extraction
PKSA-wskr-mbrz-ct8p CVE-2024-32480 GHSA-jh57-j3vq-h438
Affected version: <24.4.0
Reported by:
GitHub -
[HIGH] LibreNMS uses Improper Sanitization on Service template name leads to Stored XSS
PKSA-g1ms-vbct-y8y2 CVE-2024-32479 GHSA-72m9-7c8x-pmmw
Affected version: <24.4.0
Reported by:
GitHub -
[HIGH] LibreNMS vulnerable to SQL injection time-based leads to database extraction
PKSA-cqy2-j4sq-mj1m CVE-2024-32461 GHSA-cwx6-cx7x-4q34
Affected version: <24.4.0
Reported by:
GitHub -
[MEDIUM] LibreNMS has Broken Access control on Graphs Feature
PKSA-dy6r-dy8y-9wrb CVE-2023-48294 GHSA-fpq5-4vwm-78x4
Affected version: <23.11.0
Reported by:
GitHub -
[MEDIUM] LibreNMS Cross-site Scripting at Device groups Deletion feature
PKSA-pkpr-46hb-bg9j CVE-2023-48295 GHSA-8phr-637g-pxrg
Affected version: <23.11.0
Reported by:
GitHub -
[MEDIUM] LibreNMS vulnerable to rate limiting bypass on login page
PKSA-z23c-gbcv-4pv2 CVE-2023-46745 GHSA-rq42-58qf-v3qx
Affected version: <23.11.0
Reported by:
GitHub -
[HIGH] SQL injection in librenms/librenms
PKSA-xq48-tmhk-hpm4 CVE-2023-5591 GHSA-mr6h-7x2m-rgmq
Affected version: <23.10.0
Reported by:
GitHub -
[HIGH] Cross site scripting in librenms
PKSA-39bn-qzf7-nrzs CVE-2023-5060 GHSA-2q8c-gqf4-mg3v
Affected version: <23.9.1
Reported by:
GitHub -
[MEDIUM] LibreNMS Cross-site Scripting vulnerability
PKSA-q4db-z2nw-5gfb CVE-2023-4982 GHSA-m6jj-fgmh-3p8r
Affected version: <23.9.0
Reported by:
GitHub -
[MEDIUM] LibreNMS Cross-site Scripting vulnerability
PKSA-5ktt-gqhn-r871 CVE-2023-4981 GHSA-5jjm-qp48-qp86
Affected version: <23.9.0
Reported by:
GitHub -
[MEDIUM] LibreNMS Cross-site Scripting vulnerability
PKSA-q5sk-6374-ytn9 CVE-2023-4980 GHSA-qxrq-376q-p39h
Affected version: <23.9.0
Reported by:
GitHub -
[MEDIUM] LibreNMS Cross-site Scripting vulnerability
PKSA-m977-sq8g-gk7b CVE-2023-4979 GHSA-jp3c-g46v-jg2c
Affected version: <23.9.0
Reported by:
GitHub -
[MEDIUM] LibreNMS Cross-site Scripting vulnerability
PKSA-jqxr-msnr-g9yn CVE-2023-4978 GHSA-qjpw-rg56-jh8v
Affected version: <23.9.0
Reported by:
GitHub -
[MEDIUM] LibreNMS Code Injection vulnerability
PKSA-3jtx-27br-hxkr CVE-2023-4977 GHSA-57m2-mpc7-gwgx
Affected version: <23.9.0
Reported by:
GitHub -
[HIGH] LibreNMS Cross-site Scripting vulnerability
PKSA-vtm2-sr26-cxxn CVE-2023-4347 GHSA-m6pf-cm3f-7876
Affected version: <=23.7.0
Reported by:
GitHub -
[MEDIUM] LibreNMS Arbitrary File Read
PKSA-6jtq-3877-1tyc CVE-2017-16759 GHSA-4ccx-wjqp-5fww
Affected version: <2017-08-18
Reported by:
GitHub