Lucene search
+L

22 matches found

cve
cve
added 2026/06/24 9:26 p.m.18 views

CVE-2026-52794

Sentry CVE-2026-52794 describes a ReDoS in the event ingestion pipeline affecting versions from 24.4.0 through 26.5.2, where a regex on attacker-controlled fields can cause excessive CPU time. The flaw has a CVSSv3.1 base score of 7.5 (High) with network attack vector and no privileges required. ...

7.5CVSS5.8AI score0.00267EPSS
Exploits0References2Affected Software1
osv
osv
added 2026/06/24 9:26 p.m.3 views

CVE-2026-52794 Sentry: Inefficient Regular Expression Complexity in sentry

Sentry is an error tracking and performance monitoring tool. From 24.4.0 until 26.5.2, a Regular Expression Denial of Service ReDoS vulnerability exists in Sentry's event ingestion pipeline, where a regex applied to attacker-controlled fields on incoming events can be made to consume...

7.5CVSS5.9AI score0.00267EPSS
Exploits0References4
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1191

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.19107EPSS
Exploits1References5
euvd
euvd
added 2025/10/03 8:7 p.m.9 views

EUVD-2024-1233

Malicious code in bioql PyPI...

7.2CVSS6.9AI score0.2028EPSS
Exploits1References4
euvd
euvd
added 2025/10/03 8:7 p.m.24 views

EUVD-2024-1133

Malicious code in bioql PyPI...

7.1CVSS6.8AI score0.34128EPSS
Exploits1References5
redhatcve
redhatcve
added 2025/05/23 9:7 a.m.5 views

CVE-2024-56324

GoCD is a continuous deliver server. GoCD versions prior to 24.4.0 can allow GoCD "group admins" to abuse ability to edit the raw XML configuration for groups they administer to trigger XML External Entity XXE injection on the GoCD server. Theoretically, the XXE vulnerability can result in...

7.1CVSS6.9AI score0.00768EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/02/05 7:3 a.m.16 views

CVE-2024-32479

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Prior to version 24.4.0, there is improper sanitization on the Service template name, which can lead to stored Cross-site Scripting. Version 24.4.0 fixes this vulnerability...

7.1CVSS6.8AI score0.34128EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/02/05 6:54 a.m.15 views

CVE-2024-32461

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A SQL injection vulnerability in POST /search/search=packages in LibreNMS prior to version 24.4.0 allows a user with global read privileges to execute SQL commands via the package parameter. With this vulnerability, an...

8.8CVSS7.8AI score0.19107EPSS
Exploits1References1
nvd
nvd
added 2024/04/22 11:15 p.m.20 views

CVE-2024-32480

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Versions prior to 24.4.0 are vulnerable to SQL injection. The order parameter is obtained from $request. After performing a string check, the value is directly incorporated into an SQL statement and concatenated, resultin...

7.2CVSS7.4AI score0.2028EPSS
Exploits1References2
nvd
nvd
added 2024/04/22 10:15 p.m.49 views

CVE-2024-32479

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Prior to version 24.4.0, there is improper sanitization on the Service template name, which can lead to stored Cross-site Scripting. Version 24.4.0 fixes this vulnerability...

7.1CVSS6.9AI score0.34128EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2024/04/22 10:10 p.m.11 views

CVE-2024-32480 LibreNMS's Time-Based Blind SQL injection leads to database extraction

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Versions prior to 24.4.0 are vulnerable to SQL injection. The order parameter is obtained from $request. After performing a string check, the value is directly incorporated into an SQL statement and concatenated, resultin...

7.2CVSS7.8AI score0.2028EPSS
Exploits1References2
cvelist
cvelist
added 2024/04/22 10:10 p.m.22 views

CVE-2024-32480 LibreNMS's Time-Based Blind SQL injection leads to database extraction

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Versions prior to 24.4.0 are vulnerable to SQL injection. The order parameter is obtained from $request. After performing a string check, the value is directly incorporated into an SQL statement and concatenated, resultin...

7.2CVSS7.6AI score0.2028EPSS
Exploits1References2
osv
osv
added 2024/04/22 10:10 p.m.22 views

CVE-2024-32480 LibreNMS's Time-Based Blind SQL injection leads to database extraction

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Versions prior to 24.4.0 are vulnerable to SQL injection. The order parameter is obtained from $request. After performing a string check, the value is directly incorporated into an SQL statement and concatenated, resultin...

7.2CVSS7.4AI score0.2028EPSS
Exploits1References4
cvelist
cvelist
added 2024/04/22 10:7 p.m.63 views

CVE-2024-32479 LibreNMS's Improper Sanitization on Service template name leads to Stored XSS

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Prior to version 24.4.0, there is improper sanitization on the Service template name, which can lead to stored Cross-site Scripting. Version 24.4.0 fixes this vulnerability...

7.1CVSS7AI score0.34128EPSS
Exploits1References3
vulnrichment
vulnrichment
added 2024/04/22 9:54 p.m.15 views

CVE-2024-32461 LibreNMS vulnerable to time-based SQL injection that leads to database extraction

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A SQL injection vulnerability in POST /search/search=packages in LibreNMS prior to version 24.4.0 allows a user with global read privileges to execute SQL commands via the package parameter. With this vulnerability, an...

7.1CVSS7.8AI score0.19107EPSS
Exploits1References3
ptsecurity
ptsecurity
added 2024/04/22 12:0 a.m.5 views

PT-2024-24590

Name of the Vulnerable Software and Affected Versions LibreNMS versions prior to 24.4.0 Description A SQL injection vulnerability in the POST /search/search=packages endpoint in LibreNMS allows a user with global read privileges to execute SQL commands via the package parameter. This vulnerabilit...

8.8CVSS8.3AI score0.19107EPSS
Exploits1References12
cnnvd
cnnvd
added 2024/04/22 12:0 a.m.47 views

LibreNMS 安全漏洞

LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of network environments and automatic updates. A security vulnerability exists in LibreNMS versions prior to 24.4.0 that stems from the...

7.1CVSS5.7AI score0.34128EPSS
Exploits1References4
cnnvd
cnnvd
added 2024/04/22 12:0 a.m.4 views

LibreNMS SQL注入漏洞

LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of network environments, and automatic updates. A security vulnerability exists in LibreNMS versions prior to 24.4.0. An attacker...

8.8CVSS7.7AI score0.19107EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2024/04/22 12:0 a.m.11 views

PT-2024-24604 · Librenms · Librenms

Name of the Vulnerable Software and Affected Versions: LibreNMS versions prior to 24.4.0 Description: The issue is related to a SQL injection vulnerability. The order parameter, obtained from $request, is directly incorporated into an SQL statement after a string check, resulting in the...

7.2CVSS7.7AI score0.2028EPSS
Exploits1References9
ptsecurity
ptsecurity
added 2024/04/22 12:0 a.m.15 views

PT-2024-24602 · Librenms · Librenms

Name of the Vulnerable Software and Affected Versions: LibreNMS versions prior to 24.4.0 Description: The issue is related to improper sanitization on the Service template name, which can lead to stored Cross-site Scripting. This can be exploited by modifying the template name with crafted...

7.1CVSS7.4AI score0.34128EPSS
Exploits1References9
Rows per page
Query Builder