| Bug | bullseye | bookworm | sid | Description |
|---|
| CVE-2023-26039 | vulnerable | fixed | fixed | ZoneMinder is a free, open source Closed-circuit television software a ... |
| CVE-2023-26038 | vulnerable | fixed | fixed | ZoneMinder is a free, open source Closed-circuit television software a ... |
| CVE-2023-26037 | vulnerable | fixed | fixed | ZoneMinder is a free, open source Closed-circuit television software a ... |
| CVE-2023-26036 | vulnerable | fixed | fixed | ZoneMinder is a free, open source Closed-circuit television software a ... |
| CVE-2023-26035 | vulnerable | fixed | fixed | ZoneMinder is a free, open source Closed-circuit television software a ... |
| CVE-2023-26034 | vulnerable | fixed | fixed | ZoneMinder is a free, open source Closed-circuit television software a ... |
| CVE-2023-26032 | vulnerable | fixed | fixed | ZoneMinder is a free, open source Closed-circuit television software a ... |
| CVE-2023-25825 | vulnerable | fixed | fixed | ZoneMinder is a free, open source Closed-circuit television software a ... |
| CVE-2022-39291 | vulnerable | fixed | fixed | ZoneMinder is a free, open source Closed-circuit television software a ... |
| CVE-2022-39290 | vulnerable | fixed | fixed | ZoneMinder is a free, open source Closed-circuit television software a ... |
| CVE-2022-39289 | vulnerable | fixed | fixed | ZoneMinder is a free, open source Closed-circuit television software a ... |
| CVE-2022-39285 | vulnerable | fixed | fixed | ZoneMinder is a free, open source Closed-circuit television software a ... |
| CVE-2022-30769 | vulnerable | vulnerable | vulnerable | Session fixation exists in ZoneMinder through 1.36.12 as an attacker c ... |
| CVE-2022-30768 | vulnerable | vulnerable | vulnerable | A Stored Cross Site Scripting (XSS) issue in ZoneMinder 1.36.12 allows ... |
| CVE-2022-29806 | vulnerable | fixed | fixed | ZoneMinder before 1.36.13 allows remote code execution via an invalid ... |
| CVE-2022-1726 | vulnerable | vulnerable | vulnerable | Bootstrap Tables XSS vulnerability with Table Export plug-in when expo ... |
| CVE-2019-8429 | vulnerable | vulnerable | vulnerable | ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php fil ... |
| CVE-2019-8427 | vulnerable | vulnerable | vulnerable | daemonControl in includes/functions.php in ZoneMinder before 1.32.3 al ... |
| CVE-2019-8425 | vulnerable | vulnerable | vulnerable | includes/database.php in ZoneMinder before 1.32.3 has XSS in the const ... |
| CVE-2019-8423 | vulnerable | vulnerable | vulnerable | ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/view ... |
| CVE-2019-7351 | vulnerable | vulnerable | vulnerable | Log Injection exists in ZoneMinder through 1.32.3, as an attacker can ... |
| CVE-2019-7350 | vulnerable | vulnerable | vulnerable | Session fixation exists in ZoneMinder through 1.32.3, as an attacker c ... |
| Bug | Description |
|---|
| CVE-2020-25730 | Cross Site Scripting (XSS) vulnerability in ZoneMinder before version ... |
| CVE-2020-25729 | ZoneMinder before 1.34.21 has XSS via the connkey parameter to downloa ... |
| CVE-2019-13072 | Stored XSS in the Filters page (Name field) in ZoneMinder 1.32.3 allow ... |
| CVE-2019-8428 | ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views ... |
| CVE-2019-8426 | skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS ... |
| CVE-2019-8424 | ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sor ... |
| CVE-2019-7352 | Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ... |
| CVE-2019-7349 | Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ... |
| CVE-2019-7348 | Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ... |
| CVE-2019-7347 | A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMind ... |
| CVE-2019-7346 | A CSRF check issue exists in ZoneMinder through 1.32.3 as whenever a C ... |
| CVE-2019-7345 | Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ... |
| CVE-2019-7344 | Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacke ... |
| CVE-2019-7343 | Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1. ... |
| CVE-2019-7342 | POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ... |
| CVE-2019-7341 | Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1. ... |
| CVE-2019-7340 | POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ... |
| CVE-2019-7339 | POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ... |
| CVE-2019-7338 | Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an att ... |
| CVE-2019-7337 | Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ... |
| CVE-2019-7336 | Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ... |
| CVE-2019-7335 | Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an att ... |
| CVE-2019-7334 | Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ... |
| CVE-2019-7333 | Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ... |
| CVE-2019-7332 | Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ... |
| CVE-2019-7331 | Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ... |
| CVE-2019-7330 | Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ... |
| CVE-2019-7329 | Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ... |
| CVE-2019-7328 | Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ... |
| CVE-2019-7327 | Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ... |
| CVE-2019-7326 | Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ... |
| CVE-2019-7325 | Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ... |
| CVE-2019-6992 | A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ... |
| CVE-2019-6991 | A classic Stack-based buffer overflow exists in the zmLoadUser() funct ... |
| CVE-2019-6990 | A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneM ... |
| CVE-2019-6777 | An issue was discovered in ZoneMinder v1.32.3. Reflected XSS exists in ... |
| CVE-2018-1000833 | ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in ... |
| CVE-2018-1000832 | ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in ... |
| CVE-2017-7203 | A Cross-Site Scripting (XSS) was discovered in ZoneMinder before 1.30. ... |
| CVE-2017-5595 | A file disclosure and inclusion vulnerability exists in web/views/file ... |
| CVE-2017-5368 | ZoneMinder v1.30 and v1.29, an open-source CCTV server web application ... |
| CVE-2017-5367 | Multiple reflected XSS vulnerabilities exist within form and link inpu ... |
| CVE-2016-10206 | Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and ... |
| CVE-2016-10205 | Session fixation vulnerability in Zoneminder 1.30 and earlier allows r ... |
| CVE-2016-10204 | SQL injection vulnerability in Zoneminder 1.30 and earlier allows remo ... |
| CVE-2016-10203 | Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlie ... |
| CVE-2016-10202 | Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlie ... |
| CVE-2016-10201 | Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlie ... |
| CVE-2016-10140 | Information disclosure and authentication bypass vulnerability exists ... |
| CVE-2013-7464 | In csrf-magic before 1.0.4, if $GLOBALS['csrf']['secret'] is not confi ... |
| CVE-2013-0332 | Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x befo ... |
| CVE-2013-0232 | includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and ... |
| CVE-2008-6756 | ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for /etc/zm.co ... |
| CVE-2008-6755 | ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to t ... |
| CVE-2008-3882 | Unspecified "Command Injection" vulnerability in ZoneMinder 1.23.3 and ... |
| CVE-2008-3881 | Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder 1.23 ... |
| CVE-2008-3880 | SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1. ... |
| CVE-2008-1381 | ZoneMinder before 1.23.3 allows remote authenticated users, and possib ... |
| CVE-2004-0227 | Buffer overflow in the zms script in ZoneMinder before 1.19.2 may allo ... |