Lucene search
K

1264 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-7345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the view 'options' options.php does no input validation for the WEBTITLE, HOMEURL...

4.8CVSS6.9AI score0.00674EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2016-10204

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query...

9.8CVSS8.7AI score0.02082EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2017-5367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple reflected XSS vulnerabilities exist within form and link input parameters of ZoneMinder v1.30 and v1.29, an open-source CCTV server web application,...

6.1CVSS6.9AI score0.01996EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-8429

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php filterQueryterms0cnj parameter. CVE-2019-8429 Note that Nessus relies on the presence of the...

9.8CVSS7.4AI score0.01646EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2016-10205

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Session fixation vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack web sessions via the ZMSESSID cookie. CVE-2016-10205 Note that...

7.5CVSS7.5AI score0.01386EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2016-10140

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Information disclosure and authentication bypass vulnerability exists in the Apache HTTP Server configuration bundled with ZoneMinder v1.30 and v1.29, which...

7.5CVSS7.6AI score0.06739EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-7343

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Reflected - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable...

6.1CVSS7AI score0.00878EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/08 12:0 a.m.4 views

VulnCheck KEV: CVE-2024-43360

ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder is affected by a time-based SQL Injection vulnerability. This vulnerability is fixed in 1.36.34 and 1.37.61...

9.8CVSS5.9AI score0.06171EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2025/06/07 11:22 p.m.528 views

Exploit for CVE-2024-51482

CVE-2024-51482 ZoneMinder v1.37. = 1.37.64 CVE-2024-51482 po...

9.9CVSS7.1AI score0.36899EPSS
Exploits7
VulnCheck KEV
VulnCheck KEV
added 2025/06/07 12:0 a.m.5 views

VulnCheck KEV: CVE-2022-39290

ZoneMinder is a free, open source Closed-circuit television software application. In affected versions authenticated users can bypass CSRF keys by modifying the request supplied to the Zoneminder web application. These modifications include replacing HTTP POST with an HTTP GET and removing the...

8CVSS5.8AI score0.05444EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:48 a.m.4 views

CVE-2024-43359

ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval, speed, and scale parameters. This vulnerability is fixed in 1.36.34 and 1.37.61...

6.1CVSS6AI score0.00375EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 6:38 a.m.4 views

CVE-2024-43358

ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filterId. This vulnerability is fixed in 1.36.34 and 1.37.61...

6.1CVSS6AI score0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:19 a.m.9 views

CVE-2024-51482

ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder v1.37. = 1.37.64 is vulnerable to boolean-based SQL Injection in function of web/ajax/event.php. This is fixed in 1.37.65...

9.9CVSS7.7AI score0.36899EPSS
Exploits7References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:58 a.m.4 views

CVE-2023-31493

RCE Remote Code Execution exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted payload and escalate privileges allowing execution of any commands on the remote system...

6.6CVSS7.6AI score0.00732EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:39 a.m.2 views

CVE-2023-26035

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are vulnerable to Unauthenticated Remote Code Execution via Missing Authorization. There are no permissions check on the...

9.8CVSS7.2AI score0.80462EPSS
Exploits11References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:38 a.m.2 views

CVE-2023-26032

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain SQL Injection via malicious jason web token. The Username field of the JWT token was trusted when performing an SQL...

8.9CVSS8.2AI score0.0062EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:37 a.m.6 views

CVE-2023-26036

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain a Local File Inclusion Untrusted Search Path vulnerability via /web/index.php. By controlling $view, any local file...

9.8CVSS6.5AI score0.00897EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:39 a.m.6 views

CVE-2023-26034

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 are affected by a SQL Injection vulnerability. The blind SQL Injection vulnerability is present within the...

9.6CVSS8.7AI score0.01579EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:27 a.m.6 views

CVE-2023-26039

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an OS Command Injection via daemonControl in /web/api/app/Controller/HostController.php. Any authenticated user can...

8.8CVSS7.3AI score0.01246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:27 a.m.7 views

CVE-2023-26037

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 and 1.37.33 contain an SQL Injection. The minTime and maxTime request parameters are not properly validated and could be used execute...

9.8CVSS7.5AI score0.00607EPSS
Exploits0References1
Rows per page
Query Builder