Filtered by vendor Librenms
Subscriptions
Filtered by product Librenms
Subscriptions
Total
55 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-0580 | 1 Librenms | 1 Librenms | 2024-08-02 | 7.1 High |
Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0. | ||||
CVE-2022-0576 | 1 Librenms | 1 Librenms | 2024-08-02 | 6.1 Medium |
Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms prior to 22.1.0. | ||||
CVE-2022-0587 | 1 Librenms | 1 Librenms | 2024-08-02 | 6.5 Medium |
Improper Authorization in Packagist librenms/librenms prior to 22.2.0. | ||||
CVE-2022-0588 | 1 Librenms | 1 Librenms | 2024-08-02 | 7.1 High |
Missing Authorization in Packagist librenms/librenms prior to 22.2.0. | ||||
CVE-2022-0589 | 1 Librenms | 1 Librenms | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.1.0. | ||||
CVE-2022-0575 | 1 Librenms | 1 Librenms | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.2.0. | ||||
CVE-2023-48294 | 1 Librenms | 1 Librenms | 2024-08-02 | 4.3 Medium |
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions of LibreNMS when a user accesses their device dashboard, one request is sent to `graph.php` to access graphs generated on the particular Device. This request can be accessed by a low privilege user and they can enumerate devices on librenms with their id or hostname. Leveraging this vulnerability a low privilege user can see all devices registered by admin users. This vulnerability has been addressed in commit `489978a923` which has been included in release version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
CVE-2023-5060 | 1 Librenms | 1 Librenms | 2024-08-02 | 6.1 Medium |
Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.1. | ||||
CVE-2023-4980 | 1 Librenms | 1 Librenms | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 23.9.0. | ||||
CVE-2023-4977 | 1 Librenms | 1 Librenms | 2024-08-02 | 5.4 Medium |
Code Injection in GitHub repository librenms/librenms prior to 23.9.0. | ||||
CVE-2023-4982 | 1 Librenms | 1 Librenms | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0. | ||||
CVE-2023-4981 | 1 Librenms | 1 Librenms | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0. | ||||
CVE-2023-4979 | 1 Librenms | 1 Librenms | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.9.0. | ||||
CVE-2023-4978 | 1 Librenms | 1 Librenms | 2024-08-02 | 6.1 Medium |
Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0. | ||||
CVE-2023-4347 | 1 Librenms | 1 Librenms | 2024-08-02 | 5.4 Medium |
Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0. |