Homepage

zoneminder vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the zoneminder package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • L
Cross-site Scripting (XSS)

<1.36.31+dfsg1-1
  • L
Untrusted Search Path

<1.36.33+dfsg1-1
  • L
SQL Injection

<1.34.6-1
  • L
SQL Injection

<1.36.33+dfsg1-1
  • L
SQL Injection

*
  • L
Cross-site Scripting (XSS)

*
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Session Fixation

*
  • M
Cross-site Scripting (XSS)

<1.30.4+dfsg-1
  • M
Cross-site Scripting (XSS)

<1.30.4+dfsg-1
  • C
Arbitrary Code Injection

<1.24.1-1
  • L
CVE-2023-31493

*
  • L
Untrusted Search Path

<1.36.33+dfsg1-1
  • L
Improper Input Validation

<1.36.31+dfsg1-1
  • L
Cross-site Scripting (XSS)

<1.34.21-1
  • L
OS Command Injection

*
  • L
Directory Traversal

<1.36.13+dfsg1-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Time-of-check Time-of-use (TOCTOU)

<1.34.6-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Cross-site Scripting (XSS)

*
  • H
Session Fixation

<1.30.4+dfsg-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • H
Cross-site Request Forgery (CSRF)

<1.30.4+dfsg-1
  • C
Deserialization of Untrusted Data

<1.32.3-2
  • H
CVE-2013-0232

<1.25.0-4
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • M
Cross-site Scripting (XSS)

<1.32.3-2
  • M
Arbitrary Code Injection

<1.23.3-1
  • L
Cross-site Scripting (XSS)

<1.24.1-1
  • L
Cross-site Scripting (XSS)

<1.36.33+dfsg1-1
  • L
Session Fixation

*
  • L
SQL Injection

<1.36.33+dfsg1-1
  • L
Missing Authorization

<1.36.31+dfsg1-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
SQL Injection

<1.36.33+dfsg1-1
  • L
SQL Injection

<1.36.35+dfsg1-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • M
Cross-site Scripting (XSS)

<1.30.4+dfsg-1
  • C
SQL Injection

<1.30.4+dfsg-1
  • M
Access Restriction Bypass

<1.22.3-5
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
SQL Injection

*
  • L
SQL Injection

<1.34.6-1
  • H
SQL Injection

<1.24.1-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • C
Out-of-bounds Write

<1.32.3-2
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • M
Directory Traversal

<1.25.0-1
  • M
Cross-site Scripting (XSS)

<1.30.4+dfsg-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • M
Cross-site Scripting (XSS)

<1.30.4+dfsg-1
  • H
Information Exposure

<1.30.4+dfsg-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
OS Command Injection

<1.36.33+dfsg1-1
  • L
Missing Authorization

<1.36.33+dfsg1-1
  • L
Improper Authentication

<1.36.31+dfsg1-1
  • L
SQL Injection

<1.36.35+dfsg1-1
  • L
Cross-site Scripting (XSS)

*
  • L
CVE-2020-25730

<1.34.21-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Arbitrary Code Injection

*
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • M
Cross-site Scripting (XSS)

<1.32.3-2
  • M
Information Exposure

<1.30.4+dfsg-1
  • H
Cross-site Request Forgery (CSRF)

<1.30.4+dfsg-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • L
Access Restriction Bypass

<1.24.1-1
  • H
CVE-2004-0227

<1.22.3-1
  • L
Cross-site Scripting (XSS)

<1.36.35+dfsg1-1
  • L
Cross-site Scripting (XSS)

<1.36.35+dfsg1-1
  • L
Cross-site Request Forgery (CSRF)

<1.34.6-1
  • L
Cross-site Scripting (XSS)

<1.34.6-1
  • M
Cross-site Scripting (XSS)

<1.34.6-1
  • C
Deserialization of Untrusted Data

<1.32.3-2
  • M
Cross-site Scripting (XSS)

<1.32.3-2