Vulnerabilities > PI Hole

DATE CVE VULNERABILITY TITLE RISK
2021-10-26 CVE-2021-41175 Cross-site Scripting vulnerability in Pi-Hole web Interface
Pi-hole's Web interface (based on AdminLTE) provides a central location to manage one's Pi-hole and review the statistics generated by FTLDNS.
network
pi-hole CWE-79
3.5
2021-09-17 CVE-2021-3811 Cross-site Scripting vulnerability in Pi-Hole web Interface
adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
pi-hole CWE-79
4.3
2021-09-17 CVE-2021-3812 Cross-site Scripting vulnerability in Pi-Hole web Interface
adminlte is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
pi-hole CWE-79
4.3
2021-09-15 CVE-2021-3706 Incorrect Permission Assignment for Critical Resource vulnerability in Pi-Hole web Interface
adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag
network
low complexity
pi-hole CWE-732
5.0
2021-08-04 CVE-2021-32706 Unspecified vulnerability in Pi-Hole
Pi-hole's Web interface provides a central location to manage a Pi-hole instance and review performance statistics.
network
low complexity
pi-hole
6.5
2021-08-04 CVE-2021-32793 Cross-site Scripting vulnerability in Pi-Hole
Pi-hole's Web interface provides a central location to manage a Pi-hole instance and review performance statistics.
network
pi-hole CWE-79
3.5
2021-04-15 CVE-2021-29448 Cross-site Scripting vulnerability in Pi-Hole Ftldns, Pi-Hole and web Interface
Pi-hole is a Linux network-level advertisement and Internet tracker blocking application.
network
pi-hole CWE-79
5.8
2021-04-14 CVE-2021-29449 Improper Privilege Management vulnerability in Pi-Hole
Pi-hole is a Linux network-level advertisement and Internet tracker blocking application.
local
low complexity
pi-hole CWE-269
7.2
2021-02-18 CVE-2020-35592 Cross-site Scripting vulnerability in Pi-Hole 5.0/5.1/5.1.1
Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the admin/ URI.
network
pi-hole CWE-79
3.5
2021-02-18 CVE-2020-35591 Session Fixation vulnerability in Pi-Hole 5.0/5.1/5.1.1
Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation.
network
pi-hole CWE-384
5.8