Vulnerabilities > Librenms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-22 | CVE-2024-32480 | SQL Injection vulnerability in Librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. | 7.2 |
| 2024-04-22 | CVE-2024-32461 | SQL Injection vulnerability in Librenms LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. | 8.8 |
| 2023-11-17 | CVE-2023-46745 | Unspecified vulnerability in Librenms LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. | 7.5 |
| 2022-11-20 | CVE-2022-3525 | Deserialization of Untrusted Data vulnerability in Librenms Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0. | 8.8 |
| 2022-02-14 | CVE-2022-0580 | Unspecified vulnerability in Librenms Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0. | 8.8 |
| 2021-02-08 | CVE-2020-35700 | SQL Injection vulnerability in Librenms A second-order SQL injection issue in Widgets/TopDevicesController.php (aka the Top Devices dashboard widget) of LibreNMS before 21.1.0 allows remote authenticated attackers to execute arbitrary SQL commands via the sort_order parameter against the /ajax/form/widget-settings endpoint. | 8.8 |
| 2020-07-21 | CVE-2020-15877 | Unspecified vulnerability in Librenms An issue was discovered in LibreNMS before 1.65.1. | 8.8 |
| 2019-09-09 | CVE-2019-12465 | SQL Injection vulnerability in Librenms An issue was discovered in LibreNMS 1.50.1. | 8.1 |
| 2019-09-09 | CVE-2019-12464 | Path Traversal vulnerability in Librenms 1.50.1 An issue was discovered in LibreNMS 1.50.1. | 7.5 |
| 2019-09-09 | CVE-2019-12463 | Improper Encoding or Escaping of Output vulnerability in Librenms 1.50.1/1.51/1.52 An issue was discovered in LibreNMS 1.50.1. | 8.8 |