Vulnerabilities > Zoneminder > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-01-28 | CVE-2019-6991 | Out-of-bounds Write vulnerability in Zoneminder A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder through 1.32.3, allowing an unauthenticated attacker to execute code via a long username. | 9.8 |
| 2018-12-20 | CVE-2018-1000833 | Deserialization of Untrusted Data vulnerability in Zoneminder ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution. | 9.8 |
| 2018-12-20 | CVE-2018-1000832 | Deserialization of Untrusted Data vulnerability in Zoneminder ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution. | 9.8 |
| 2017-03-03 | CVE-2016-10204 | SQL Injection vulnerability in Zoneminder SQL injection vulnerability in Zoneminder 1.30 and earlier allows remote attackers to execute arbitrary SQL commands via the limit parameter in a log query request to index.php. | 9.8 |