Vulnerabilities > Zoneminder

DATE CVE VULNERABILITY TITLE RISK
2023-02-25 CVE-2023-26035 Missing Authorization vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-862
critical
 9.8
9.8
2023-02-25 CVE-2023-26036 Untrusted Search Path vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-426
critical
 9.8
9.8
2023-02-25 CVE-2023-26037 SQL Injection vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-89
critical
 9.8
9.8
2023-02-25 CVE-2023-26038 Untrusted Search Path vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-426
6.5
6.5
2023-02-25 CVE-2023-26039 OS Command Injection vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-78
8.8
8.8
2023-02-25 CVE-2023-25825 Cross-site Scripting vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-79
6.1
6.1
2023-02-25 CVE-2023-26032 SQL Injection vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
high complexity
zoneminder CWE-89
8.1
8.1
2023-02-25 CVE-2023-26034 SQL Injection vulnerability in Zoneminder
ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras.
network
low complexity
zoneminder CWE-89
8.8
8.8
2022-11-15 CVE-2022-30768 Cross-site Scripting vulnerability in Zoneminder 1.36.12
A Stored Cross Site Scripting (XSS) issue in ZoneMinder 1.36.12 allows an attacker to execute HTML or JavaScript code via the Username field when an Admin (or non-Admin users that can see other users logged into the platform) clicks on Logout.
network
low complexity
zoneminder CWE-79
5.4
5.4
2022-11-15 CVE-2022-30769 Session Fixation vulnerability in Zoneminder
Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie to the next logged-in user.
network
low complexity
zoneminder CWE-384
4.6
4.6