Vulnerabilities > PI Hole > PI Hole
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-04 | CVE-2021-32706 | Unspecified vulnerability in Pi-Hole Pi-hole's Web interface provides a central location to manage a Pi-hole instance and review performance statistics. | 6.5 |
| 2021-08-04 | CVE-2021-32793 | Cross-site Scripting vulnerability in Pi-Hole Pi-hole's Web interface provides a central location to manage a Pi-hole instance and review performance statistics. | 3.5 |
| 2021-04-15 | CVE-2021-29448 | Cross-site Scripting vulnerability in Pi-Hole Ftldns, Pi-Hole and web Interface Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. | 5.8 |
| 2021-04-14 | CVE-2021-29449 | OS Command Injection vulnerability in Pi-Hole Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. | 7.2 |
| 2021-02-18 | CVE-2020-35592 | Cross-site Scripting vulnerability in Pi-Hole 5.0/5.1/5.1.1 Pi-hole 5.0, 5.1, and 5.1.1 allows XSS via the Options header to the admin/ URI. | 3.5 |
| 2021-02-18 | CVE-2020-35591 | Session Fixation vulnerability in Pi-Hole 5.0/5.1/5.1.1 Pi-hole 5.0, 5.1, and 5.1.1 allows Session Fixation. | 5.8 |
| 2020-12-24 | CVE-2020-35659 | Cross-site Scripting vulnerability in Pi-Hole The DNS query log in Pi-hole before 5.2.2 is vulnerable to stored XSS. | 4.3 |
| 2020-07-30 | CVE-2020-14162 | Improper Privilege Management vulnerability in Pi-Hole An issue was discovered in Pi-Hole through 5.0. | 7.2 |
| 2020-07-30 | CVE-2020-12620 | Improper Privilege Management vulnerability in Pi-Hole Pi-hole 4.4 allows a user able to write to /etc/pihole/dns-servers.conf to escalate privileges through command injection (shell metacharacters after an IP address). | 7.2 |
| 2020-06-23 | CVE-2020-14971 | Code Injection vulnerability in Pi-Hole Pi-hole through 5.0 allows code injection in piholedhcp (the Static DHCP Leases section) by modifying Teleporter backup files and then restoring them. | 4.6 |