High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-01-26	CVE-2023-23614	Insufficient Session Expiration vulnerability in Pi-Hole web Interface Pi-hole®'s Web interface (based off of AdminLTE) provides a central location to manage your Pi-hole. network low complexity pi-hole CWE-613	8.8
2021-09-15	CVE-2021-3706	Incorrect Permission Assignment for Critical Resource vulnerability in Pi-Hole web Interface adminlte is vulnerable to Sensitive Cookie Without 'HttpOnly' Flag network low complexity pi-hole CWE-732	7.5
2021-04-14	CVE-2021-29449	OS Command Injection vulnerability in Pi-Hole Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. local low complexity pi-hole CWE-78	7.2
2020-07-30	CVE-2020-14162	Improper Privilege Management vulnerability in Pi-Hole An issue was discovered in Pi-Hole through 5.0. local low complexity pi-hole CWE-269	7.2
2020-07-30	CVE-2020-12620	Improper Privilege Management vulnerability in Pi-Hole Pi-hole 4.4 allows a user able to write to /etc/pihole/dns-servers.conf to escalate privileges through command injection (shell metacharacters after an IP address). local low complexity pi-hole CWE-269	7.2