10 matches found
CVE-2025-23199
librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameter: /ajaxform.php - param: descr. Librenms versions up to 24.10.1 allow remote attackers to inject malicious scripts. When a user views or interacts with the page...
EUVD-2024-3383
Malicious code in bioql PyPI...
CVE-2025-23200
librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameter: ajaxform.php - param: state. Librenms versions up to 24.10.1 allow remote attackers to inject malicious scripts. When a user views or interacts with the page...
CVE-2024-56144
librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameter: /device/$DEVICEID/edit - param: display (replace $DEVICEID with your specific $DEVICEID value). Librenms versions up to 24.11.0 allow remote attackers to inject...
CVE-2025-23200 Stored XSS-LibreNMS-Misc Section in librenms
librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameter: ajaxform.php - param: state. Librenms versions up to 24.10.1 allow remote attackers to inject malicious scripts. When a user views or interacts with the page...
LibreNMS cross-site scripting vulnerability
LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of network environments, and automatic updates. A cross-site scripting vulnerability exists in LibreNMS 24.11.0 and earlier versions,...
PT-2025-4841 · Librenms · Librenms
Name of the Vulnerable Software and Affected Versions: Librenms versions prior to 24.11.0 Description: The issue is related to a stored XSS vulnerability in the parameter: /ajaxform.php - param: descr. This allows remote attackers to inject malicious scripts, which execute immediately when a use...
CVE-2024-53253
Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a scenario where a specific error message generated by the Sentry platform could include a plaintext Client ID and Client Secret for an application integration. The Client ...
CVE-2024-53253
CVE-2024-53253 affects Sentry v24.11.0 (self-hosted); a specific error message could leak plaintext integration Client ID and Client Secret in an HTTP response when a failing third‑party response triggers select-requester.invalid-response during a Search UI async flow. The leak does not grant dat...
PT-2024-35692 · Sentry · Sentry
Name of the Vulnerable Software and Affected Versions: Sentry version 24.11.0 Description: Sentry is an error tracking and performance monitoring platform. A specific error message generated by the Sentry platform could include a plaintext Client ID and Client Secret for an application integratio...