Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie

Type deb

Namespace debian

Name zoneminder

Version 1.32.3-2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1.34.6-1

Latest_non_vulnerable_version 1.36.37+dfsg1-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-8vh1-pk4c-63hz

vulnerability_id VCID-8vh1-pk4c-63hz

summary A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones&action=zoneImage&mid=1 URI.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6990

reference_id

reference_type

scores

value	0.0027
scoring_system	epss
scoring_elements	0.50555
published_at	2026-04-21T12:55:00Z

value	0.0027
scoring_system	epss
scoring_elements	0.50577
published_at	2026-04-18T12:55:00Z

value	0.0027
scoring_system	epss
scoring_elements	0.50438
published_at	2026-04-01T12:55:00Z

value	0.0027
scoring_system	epss
scoring_elements	0.50495
published_at	2026-04-02T12:55:00Z

value	0.0027
scoring_system	epss
scoring_elements	0.50522
published_at	2026-04-04T12:55:00Z

value	0.0027
scoring_system	epss
scoring_elements	0.50475
published_at	2026-04-07T12:55:00Z

value	0.0027
scoring_system	epss
scoring_elements	0.50529
published_at	2026-04-13T12:55:00Z

value	0.0027
scoring_system	epss
scoring_elements	0.50526
published_at	2026-04-09T12:55:00Z

value	0.0027
scoring_system	epss
scoring_elements	0.50567
published_at	2026-04-11T12:55:00Z

value	0.0027
scoring_system	epss
scoring_elements	0.50544
published_at	2026-04-12T12:55:00Z

value	0.0027
scoring_system	epss
scoring_elements	0.50573
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6990

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6990
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6990

reference_url	https://github.com/ZoneMinder/zoneminder/commit/a3e8fd4fd5b579865f35aac3b964bc78d5b7a94a
reference_id
reference_type
scores
url	https://github.com/ZoneMinder/zoneminder/commit/a3e8fd4fd5b579865f35aac3b964bc78d5b7a94a

reference_url	https://github.com/ZoneMinder/zoneminder/issues/2444
reference_id
reference_type
scores
url	https://github.com/ZoneMinder/zoneminder/issues/2444

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921001
reference_id	921001
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921001

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder::::::::
reference_id	cpe:2.3:a:zoneminder:zoneminder::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-6990

reference_id

CVE-2019-6990

reference_type

scores

value	3.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:S/C:N/I:P/A:N

value	5.4
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-6990

reference_url	https://usn.ubuntu.com/5889-1/
reference_id	USN-5889-1
reference_type
scores
url	https://usn.ubuntu.com/5889-1/

fixed_packages

url	pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie
purl	pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.32.3-2%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-4qtk-7myx-vfcd

vulnerability	VCID-7vc9-wfjb-t3ba

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-95ub-6q5w-p3cm

vulnerability	VCID-9kh5-715y-pud4

vulnerability	VCID-d117-rhnc-rkhf

vulnerability	VCID-fyy1-fwys-xkbj

vulnerability	VCID-j283-1m9p-13hn

vulnerability	VCID-jukn-h868-5ugm

vulnerability	VCID-kk5d-y2z8-r3g2

vulnerability	VCID-mdkd-vmcp-afa8

vulnerability	VCID-mk5h-586t-pyga

vulnerability	VCID-n8y3-5fb9-kucb

vulnerability	VCID-tyu6-8h17-8yh5

vulnerability	VCID-uybk-r4q9-gyac

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-mdkd-vmcp-afa8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-6990

risk_score 2.5

exploitability 0.5

weighted_severity 4.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8vh1-pk4c-63hz

url VCID-9rr3-tdb4-1kdm

vulnerability_id VCID-9rr3-tdb4-1kdm

summary ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000832

reference_id

reference_type

scores

value	0.0816
scoring_system	epss
scoring_elements	0.92151
published_at	2026-04-01T12:55:00Z

value	0.0816
scoring_system	epss
scoring_elements	0.92158
published_at	2026-04-02T12:55:00Z

value	0.0816
scoring_system	epss
scoring_elements	0.92164
published_at	2026-04-04T12:55:00Z

value	0.0816
scoring_system	epss
scoring_elements	0.92167
published_at	2026-04-07T12:55:00Z

value	0.0816
scoring_system	epss
scoring_elements	0.92179
published_at	2026-04-08T12:55:00Z

value	0.0816
scoring_system	epss
scoring_elements	0.92182
published_at	2026-04-09T12:55:00Z

value	0.0816
scoring_system	epss
scoring_elements	0.92187
published_at	2026-04-11T12:55:00Z

value	0.0816
scoring_system	epss
scoring_elements	0.92188
published_at	2026-04-12T12:55:00Z

value	0.0816
scoring_system	epss
scoring_elements	0.92184
published_at	2026-04-13T12:55:00Z

value	0.0816
scoring_system	epss
scoring_elements	0.92194
published_at	2026-04-18T12:55:00Z

value	0.0816
scoring_system	epss
scoring_elements	0.92196
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000832

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000832
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000832

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917024
reference_id	917024
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917024

fixed_packages

url	pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie
purl	pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.32.3-2%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-4qtk-7myx-vfcd

vulnerability	VCID-7vc9-wfjb-t3ba

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-95ub-6q5w-p3cm

vulnerability	VCID-9kh5-715y-pud4

vulnerability	VCID-d117-rhnc-rkhf

vulnerability	VCID-fyy1-fwys-xkbj

vulnerability	VCID-j283-1m9p-13hn

vulnerability	VCID-jukn-h868-5ugm

vulnerability	VCID-kk5d-y2z8-r3g2

vulnerability	VCID-mdkd-vmcp-afa8

vulnerability	VCID-mk5h-586t-pyga

vulnerability	VCID-n8y3-5fb9-kucb

vulnerability	VCID-tyu6-8h17-8yh5

vulnerability	VCID-uybk-r4q9-gyac

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-mdkd-vmcp-afa8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2018-1000832

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9rr3-tdb4-1kdm

url VCID-cccj-wgfh-3fg4

vulnerability_id VCID-cccj-wgfh-3fg4

summary An issue was discovered in ZoneMinder v1.32.3. Reflected XSS exists in web/skins/classic/views/plugin.php via the zm/index.php?view=plugin pl parameter.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6777

reference_id

reference_type

scores

value	0.00307
scoring_system	epss
scoring_elements	0.53907
published_at	2026-04-21T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53926
published_at	2026-04-18T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53799
published_at	2026-04-01T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53819
published_at	2026-04-07T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53846
published_at	2026-04-04T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53871
published_at	2026-04-08T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53868
published_at	2026-04-09T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53916
published_at	2026-04-11T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53899
published_at	2026-04-12T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53883
published_at	2026-04-13T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53921
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6777

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6777
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6777

reference_url	https://github.com/mnoorenberghe/ZoneMinder/commit/59cc65411f02c7e39a270fda3ecb4966d7b48d41
reference_id
reference_type
scores
url	https://github.com/mnoorenberghe/ZoneMinder/commit/59cc65411f02c7e39a270fda3ecb4966d7b48d41

reference_url	https://github.com/ZoneMinder/zoneminder/issues/2436
reference_id
reference_type
scores
url	https://github.com/ZoneMinder/zoneminder/issues/2436

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920375
reference_id	920375
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920375

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.32.3:::::::*
reference_id	cpe:2.3:a:zoneminder:zoneminder:1.32.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.32.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-6777

reference_id

CVE-2019-6777

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-6777

reference_url	https://usn.ubuntu.com/5889-1/
reference_id	USN-5889-1
reference_type
scores
url	https://usn.ubuntu.com/5889-1/

fixed_packages

url	pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie
purl	pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.32.3-2%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-4qtk-7myx-vfcd

vulnerability	VCID-7vc9-wfjb-t3ba

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-95ub-6q5w-p3cm

vulnerability	VCID-9kh5-715y-pud4

vulnerability	VCID-d117-rhnc-rkhf

vulnerability	VCID-fyy1-fwys-xkbj

vulnerability	VCID-j283-1m9p-13hn

vulnerability	VCID-jukn-h868-5ugm

vulnerability	VCID-kk5d-y2z8-r3g2

vulnerability	VCID-mdkd-vmcp-afa8

vulnerability	VCID-mk5h-586t-pyga

vulnerability	VCID-n8y3-5fb9-kucb

vulnerability	VCID-tyu6-8h17-8yh5

vulnerability	VCID-uybk-r4q9-gyac

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-mdkd-vmcp-afa8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-6777

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cccj-wgfh-3fg4

url VCID-dpp2-3t2d-d3e4

vulnerability_id VCID-dpp2-3t2d-d3e4

summary A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder through 1.32.3, allowing an unauthenticated attacker to execute code via a long username.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6991

reference_id

reference_type

scores

value	0.05293
scoring_system	epss
scoring_elements	0.9003
published_at	2026-04-21T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90032
published_at	2026-04-18T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.89973
published_at	2026-04-01T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.89975
published_at	2026-04-02T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.89987
published_at	2026-04-04T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.89993
published_at	2026-04-07T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90008
published_at	2026-04-08T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90014
published_at	2026-04-09T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90023
published_at	2026-04-11T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90022
published_at	2026-04-12T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90016
published_at	2026-04-13T12:55:00Z

value	0.05293
scoring_system	epss
scoring_elements	0.90031
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6991

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6991
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6991

reference_url	https://github.com/ZoneMinder/zoneminder/issues/2478
reference_id
reference_type
scores
url	https://github.com/ZoneMinder/zoneminder/issues/2478

reference_url	https://github.com/ZoneMinder/zoneminder/pull/2482
reference_id
reference_type
scores
url	https://github.com/ZoneMinder/zoneminder/pull/2482

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921000
reference_id	921000
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921000

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder::::::::
reference_id	cpe:2.3:a:zoneminder:zoneminder::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-6991

reference_id

CVE-2019-6991

reference_type

scores

value	7.5
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:P/I:P/A:P

value	9.8
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2019-6991

reference_url	https://usn.ubuntu.com/5889-1/
reference_id	USN-5889-1
reference_type
scores
url	https://usn.ubuntu.com/5889-1/

fixed_packages

url	pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie
purl	pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.32.3-2%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-4qtk-7myx-vfcd

vulnerability	VCID-7vc9-wfjb-t3ba

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-95ub-6q5w-p3cm

vulnerability	VCID-9kh5-715y-pud4

vulnerability	VCID-d117-rhnc-rkhf

vulnerability	VCID-fyy1-fwys-xkbj

vulnerability	VCID-j283-1m9p-13hn

vulnerability	VCID-jukn-h868-5ugm

vulnerability	VCID-kk5d-y2z8-r3g2

vulnerability	VCID-mdkd-vmcp-afa8

vulnerability	VCID-mk5h-586t-pyga

vulnerability	VCID-n8y3-5fb9-kucb

vulnerability	VCID-tyu6-8h17-8yh5

vulnerability	VCID-uybk-r4q9-gyac

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-mdkd-vmcp-afa8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-6991

risk_score 4.4

exploitability 0.5

weighted_severity 8.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dpp2-3t2d-d3e4

url VCID-g1r5-fbsj-n3dr

vulnerability_id VCID-g1r5-fbsj-n3dr

summary A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a long NAME or PROTOCOL to the index.php?view=controlcaps URI.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-6992

reference_id

reference_type

scores

value	0.00307
scoring_system	epss
scoring_elements	0.53922
published_at	2026-04-21T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53942
published_at	2026-04-18T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53814
published_at	2026-04-01T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53833
published_at	2026-04-02T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53861
published_at	2026-04-04T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53835
published_at	2026-04-07T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53887
published_at	2026-04-08T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53885
published_at	2026-04-09T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53932
published_at	2026-04-11T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53914
published_at	2026-04-12T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53898
published_at	2026-04-13T12:55:00Z

value	0.00307
scoring_system	epss
scoring_elements	0.53936
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-6992

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6992
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6992

reference_url	https://github.com/ZoneMinder/zoneminder/commit/8c5687ca308e441742725e0aff9075779fa1a498
reference_id
reference_type
scores
url	https://github.com/ZoneMinder/zoneminder/commit/8c5687ca308e441742725e0aff9075779fa1a498

reference_url	https://github.com/ZoneMinder/zoneminder/issues/2445
reference_id
reference_type
scores
url	https://github.com/ZoneMinder/zoneminder/issues/2445

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920999
reference_id	920999
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920999

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder::::::::
reference_id	cpe:2.3:a:zoneminder:zoneminder::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2019-6992

reference_id

CVE-2019-6992

reference_type

scores

value	4.3
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:N/I:P/A:N

value	6.1
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2019-6992

reference_url	https://usn.ubuntu.com/5889-1/
reference_id	USN-5889-1
reference_type
scores
url	https://usn.ubuntu.com/5889-1/

fixed_packages

url	pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie
purl	pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.32.3-2%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-4qtk-7myx-vfcd

vulnerability	VCID-7vc9-wfjb-t3ba

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-95ub-6q5w-p3cm

vulnerability	VCID-9kh5-715y-pud4

vulnerability	VCID-d117-rhnc-rkhf

vulnerability	VCID-fyy1-fwys-xkbj

vulnerability	VCID-j283-1m9p-13hn

vulnerability	VCID-jukn-h868-5ugm

vulnerability	VCID-kk5d-y2z8-r3g2

vulnerability	VCID-mdkd-vmcp-afa8

vulnerability	VCID-mk5h-586t-pyga

vulnerability	VCID-n8y3-5fb9-kucb

vulnerability	VCID-tyu6-8h17-8yh5

vulnerability	VCID-uybk-r4q9-gyac

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-mdkd-vmcp-afa8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2019-6992

risk_score 2.8

exploitability 0.5

weighted_severity 5.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-g1r5-fbsj-n3dr

url VCID-r751-csse-zuaq

vulnerability_id VCID-r751-csse-zuaq

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000833

reference_id

reference_type

scores

value	0.01979
scoring_system	epss
scoring_elements	0.83503
published_at	2026-04-01T12:55:00Z

value	0.01979
scoring_system	epss
scoring_elements	0.83515
published_at	2026-04-02T12:55:00Z

value	0.01979
scoring_system	epss
scoring_elements	0.83529
published_at	2026-04-04T12:55:00Z

value	0.01979
scoring_system	epss
scoring_elements	0.8353
published_at	2026-04-07T12:55:00Z

value	0.01979
scoring_system	epss
scoring_elements	0.83554
published_at	2026-04-08T12:55:00Z

value	0.01979
scoring_system	epss
scoring_elements	0.83563
published_at	2026-04-09T12:55:00Z

value	0.01979
scoring_system	epss
scoring_elements	0.83578
published_at	2026-04-11T12:55:00Z

value	0.01979
scoring_system	epss
scoring_elements	0.83572
published_at	2026-04-12T12:55:00Z

value	0.01979
scoring_system	epss
scoring_elements	0.83568
published_at	2026-04-13T12:55:00Z

value	0.01979
scoring_system	epss
scoring_elements	0.83602
published_at	2026-04-18T12:55:00Z

value	0.01979
scoring_system	epss
scoring_elements	0.83603
published_at	2026-04-21T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-1000833

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000833
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000833

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917024
reference_id	917024
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917024

fixed_packages

url	pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie
purl	pkg:deb/debian/zoneminder@1.32.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.32.3-2%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.34.23-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-4qtk-7myx-vfcd

vulnerability	VCID-7vc9-wfjb-t3ba

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-95ub-6q5w-p3cm

vulnerability	VCID-9kh5-715y-pud4

vulnerability	VCID-d117-rhnc-rkhf

vulnerability	VCID-fyy1-fwys-xkbj

vulnerability	VCID-j283-1m9p-13hn

vulnerability	VCID-jukn-h868-5ugm

vulnerability	VCID-kk5d-y2z8-r3g2

vulnerability	VCID-mdkd-vmcp-afa8

vulnerability	VCID-mk5h-586t-pyga

vulnerability	VCID-n8y3-5fb9-kucb

vulnerability	VCID-tyu6-8h17-8yh5

vulnerability	VCID-uybk-r4q9-gyac

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.34.23-1%3Fdistro=trixie

url pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

purl pkg:deb/debian/zoneminder@1.36.33%2Bdfsg1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-3xuk-942c-kkbf

vulnerability	VCID-4mfm-zzrx-6ffb

vulnerability	VCID-7x51-uyq2-9qax

vulnerability	VCID-mdkd-vmcp-afa8

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.33%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.35%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.35%252Bdfsg1-1%3Fdistro=trixie

url	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
purl	pkg:deb/debian/zoneminder@1.36.37%2Bdfsg1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.36.37%252Bdfsg1-1%3Fdistro=trixie

aliases CVE-2018-1000833

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-r751-csse-zuaq

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zoneminder@1.32.3-2%3Fdistro=trixie

Package Instance