Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
librenms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-46745
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions the login method has no rate limit. An attacker may be able to leverage this vulnerability to gain acces...
Librenms Librenms
6.1
CVSSv3
CVE-2021-43324
LibreNMS up to and including 21.10.2 allows XSS via a widget title.
Librenms Librenms
1 Github repository
8.8
CVSSv3
CVE-2022-0580
Incorrect Authorization in Packagist librenms/librenms before 22.2.0.
Librenms Librenms
6.5
CVSSv3
CVE-2022-0587
Improper Authorization in Packagist librenms/librenms before 22.2.0.
Librenms Librenms
6.1
CVSSv3
CVE-2023-5060
Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms before 23.9.1.
Librenms Librenms
8.8
CVSSv3
CVE-2019-12463
An issue exists in LibreNMS 1.50.1. The scripts that handle graphing options (includes/html/graphs/common.inc.php and includes/html/graphs/graphs.inc.php) do not sufficiently validate or encode several fields of user supplied input. Some parameters are filtered with mysqli_real_e...
Librenms Librenms
4.3
CVSSv3
CVE-2023-48294
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. In affected versions of LibreNMS when a user accesses their device dashboard, one request is sent to `graph.php` to access gr...
Librenms Librenms
5.4
CVSSv3
CVE-2023-48295
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. Affected versions are subject to a cross site scripting (XSS) vulnerability in the device group popups. This issue has been a...
Librenms Librenms
5.4
CVSSv3
CVE-2022-0575
Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms before 22.2.0.
Librenms Librenms
6.1
CVSSv3
CVE-2022-0576
Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms before 22.1.0.
Librenms Librenms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »