Information on source package zoneminder

Available versions

ReleaseVersion
bullseye1.34.23-1
sid1.34.23-1

Open unimportant issues

BugbullseyesidDescription
CVE-2019-8429vulnerablevulnerableZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php fil ...
CVE-2019-8428vulnerablevulnerableZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views ...
CVE-2019-8427vulnerablevulnerabledaemonControl in includes/functions.php in ZoneMinder before 1.32.3 al ...
CVE-2019-8426vulnerablevulnerableskins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS ...
CVE-2019-8425vulnerablevulnerableincludes/database.php in ZoneMinder before 1.32.3 has XSS in the const ...
CVE-2019-8424vulnerablevulnerableZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sor ...
CVE-2019-8423vulnerablevulnerableZoneMinder through 1.32.3 has SQL Injection via the skins/classic/view ...
CVE-2019-7351vulnerablevulnerableLog Injection exists in ZoneMinder through 1.32.3, as an attacker can ...
CVE-2019-7350vulnerablevulnerableSession fixation exists in ZoneMinder through 1.32.3, as an attacker c ...
CVE-2019-7330vulnerablevulnerableReflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...

Resolved issues

BugDescription
CVE-2020-25729ZoneMinder before 1.34.21 has XSS via the connkey parameter to downloa ...
CVE-2019-13072Stored XSS in the Filters page (Name field) in ZoneMinder 1.32.3 allow ...
CVE-2019-7352Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...
CVE-2019-7349Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...
CVE-2019-7348Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...
CVE-2019-7347A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMind ...
CVE-2019-7346A CSRF check issue exists in ZoneMinder through 1.32.3 as whenever a C ...
CVE-2019-7345Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...
CVE-2019-7344Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacke ...
CVE-2019-7343Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1. ...
CVE-2019-7342POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ...
CVE-2019-7341Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1. ...
CVE-2019-7340POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ...
CVE-2019-7339POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ...
CVE-2019-7338Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an att ...
CVE-2019-7337Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...
CVE-2019-7336Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...
CVE-2019-7335Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an att ...
CVE-2019-7334Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...
CVE-2019-7333Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...
CVE-2019-7332Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...
CVE-2019-7331Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...
CVE-2019-7329Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...
CVE-2019-7328Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...
CVE-2019-7327Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...
CVE-2019-7326Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...
CVE-2019-7325Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...
CVE-2019-6992A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ...
CVE-2019-6991A classic Stack-based buffer overflow exists in the zmLoadUser() funct ...
CVE-2019-6990A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneM ...
CVE-2019-6777An issue was discovered in ZoneMinder v1.32.3. Reflected XSS exists in ...
CVE-2018-1000833ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability ...
CVE-2018-1000832ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability ...
CVE-2017-7203A Cross-Site Scripting (XSS) was discovered in ZoneMinder before 1.30. ...
CVE-2017-5595A file disclosure and inclusion vulnerability exists in web/views/file ...
CVE-2017-5368ZoneMinder v1.30 and v1.29, an open-source CCTV server web application ...
CVE-2017-5367Multiple reflected XSS vulnerabilities exist within form and link inpu ...
CVE-2016-10206Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and ...
CVE-2016-10205Session fixation vulnerability in Zoneminder 1.30 and earlier allows r ...
CVE-2016-10204SQL injection vulnerability in Zoneminder 1.30 and earlier allows remo ...
CVE-2016-10203Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlie ...
CVE-2016-10202Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlie ...
CVE-2016-10201Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlie ...
CVE-2016-10140Information disclosure and authentication bypass vulnerability exists ...
CVE-2013-7464In csrf-magic before 1.0.4, if $GLOBALS['csrf']['secret'] is not confi ...
CVE-2013-0332Multiple directory traversal vulnerabilities in ZoneMinder 1.24.x befo ...
CVE-2013-0232includes/functions.php in ZoneMinder Video Server 1.24.0, 1.25.0, and ...
CVE-2008-6756ZoneMinder 1.23.3 on Gentoo Linux uses 0644 permissions for /etc/zm.co ...
CVE-2008-6755ZoneMinder 1.23.3 on Fedora 10 sets the ownership of /etc/zm.conf to t ...
CVE-2008-3882Unspecified "Command Injection" vulnerability in ZoneMinder 1.23.3 and ...
CVE-2008-3881Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder 1.23 ...
CVE-2008-3880SQL injection vulnerability in zm_html_view_event.php in ZoneMinder 1. ...
CVE-2008-1381ZoneMinder before 1.23.3 allows remote authenticated users, and possib ...
CVE-2004-0227Buffer overflow in the zms script in ZoneMinder before 1.19.2 may allo ...

Security announcements

DSA / DLADescription
DLA-1145-1zoneminder - security update
DLA-806-1zoneminder - security update
DSA-2640-1zoneminder - several issues

Search for package or bug name: Reporting problems