Vulnerabilities > PI Hole > PI Hole

DATE CVE VULNERABILITY TITLE RISK
2020-05-29 CVE-2020-8816 OS Command Injection vulnerability in Pi-Hole
Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.
network
low complexity
pi-hole CWE-78
6.5
6.5
2020-05-11 CVE-2020-11108 Unrestricted Upload of File with Dangerous Type vulnerability in Pi-Hole
The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files.
network
low complexity
pi-hole CWE-434
critical
 9.0
9.0
2019-10-09 CVE-2019-13051 OS Command Injection vulnerability in Pi-Hole 4.3
Pi-Hole 4.3 allows Command Injection.
network
pi-hole CWE-78
6.8
6.8