{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","type":"apk","namespace":"alpine","name":"zoneminder","version":"1.36.7-r0","qualifiers":{"arch":"armv7","distroversion":"v3.23","reponame":"community"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.36.31-r0","latest_non_vulnerable_version":"1.36.33-r0","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94237?format=json","vulnerability_id":"VCID-11zt-rw3z-87gx","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view download (download.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7333","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58029","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58044","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57943","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58027","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58025","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5808","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58083","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.581","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58077","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58056","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58087","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58064","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5803","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7333"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7333","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7333"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2441","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2441"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7333","reference_id":"CVE-2019-7333","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7333"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7333"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-11zt-rw3z-87gx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94256?format=json","vulnerability_id":"VCID-23ug-uzth-tybf","summary":"Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'state' (aka Run State) (state.php) does no input validation to the value supplied to the 'New State' (aka newState) field, allowing an attacker to execute HTML or JavaScript code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7352","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55761","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55661","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55772","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55826","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55829","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55837","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.558","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55838","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55744","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7352"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7352","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7352"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2475","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2475"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7352","reference_id":"CVE-2019-7352","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7352"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7352"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-23ug-uzth-tybf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94249?format=json","vulnerability_id":"VCID-3zrk-nztf-nqfd","summary":"Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'options' (options.php) does no input validation for the WEB_TITLE, HOME_URL, HOME_CONTENT, or WEB_CONSOLE_BANNER value, allowing an attacker to execute HTML or JavaScript code. This relates to functions.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7345","reference_id":"","reference_type":"","scores":[{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46423","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46443","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46374","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46415","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46435","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46383","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46439","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46463","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46434","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46444","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46501","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00235","scoring_system":"epss","scoring_elements":"0.46498","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7345"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7345","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7345"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2468","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2468"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7345","reference_id":"CVE-2019-7345","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7345"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7345"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3zrk-nztf-nqfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94229?format=json","vulnerability_id":"VCID-4zbd-b8b7-tfa4","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as multiple views under web/skins/classic/views insecurely utilize $_REQUEST['PHP_SELF'], without applying any proper filtration.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7325","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56013","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55914","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55935","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55949","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5597","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55948","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55999","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56002","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55837","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55993","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55975","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56011","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56014","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55988","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7325"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7325","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7325"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2450","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2450"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7325","reference_id":"CVE-2019-7325","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7325"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7325"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4zbd-b8b7-tfa4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94240?format=json","vulnerability_id":"VCID-5ba3-bxk1-pbht","summary":"Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view _monitor_filters.php contains takes in input from the user and saves it into the session, and retrieves it later (insecurely). The values of the MonitorName and Source parameters are being displayed without any output filtration being applied. This relates to the view=cycle value.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7336","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55761","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55661","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55772","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55826","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55829","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55837","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.558","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55838","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55744","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7336"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7336","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7336"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2457","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2457"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7336","reference_id":"CVE-2019-7336","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7336"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7336"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5ba3-bxk1-pbht"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94246?format=json","vulnerability_id":"VCID-6mdb-h6fb-c7d6","summary":"POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[AutoExecuteCmd]' parameter value in the view filter (filter.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7342","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.5564","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55664","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55561","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55673","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55695","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55674","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55725","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55728","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55737","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55717","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.557","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.5574","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55744","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55722","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55647","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7342"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2461","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2461"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7342","reference_id":"CVE-2019-7342","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7342"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7342"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6mdb-h6fb-c7d6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94247?format=json","vulnerability_id":"VCID-6xnz-k4kg-eqhd","summary":"Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[Method]' parameter value in the view monitor (monitor.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7343","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58029","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58044","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57943","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58027","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58025","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5808","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58083","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.581","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58077","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58056","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58087","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58064","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5803","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7343"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2464","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2464"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7343","reference_id":"CVE-2019-7343","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7343"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7343"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6xnz-k4kg-eqhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94244?format=json","vulnerability_id":"VCID-7x1r-12y1-ekfk","summary":"POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[Query][terms][0][val]' parameter value in the view filter (filter.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7340","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58029","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58044","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57943","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58027","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58025","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5808","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58083","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.581","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58077","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58056","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58087","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58064","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5803","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7340"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2462","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2462"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7340","reference_id":"CVE-2019-7340","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7340"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7340"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7x1r-12y1-ekfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94255?format=json","vulnerability_id":"VCID-819t-uxvx-gkdd","summary":"Log Injection exists in ZoneMinder through 1.32.3, as an attacker can entice the victim to visit a specially crafted link, which in turn will inject a custom Log message provided by the attacker in the 'log' view page, as demonstrated by the message=User%20'admin'%20Logged%20in value.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7351","reference_id":"","reference_type":"","scores":[{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48456","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48498","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48443","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.4848","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48502","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48455","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48509","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48505","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48528","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48501","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48513","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48563","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48559","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00252","scoring_system":"epss","scoring_elements":"0.48516","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7351"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7351","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7351"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2466","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2466"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7351","reference_id":"CVE-2019-7351","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7351"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7351"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-819t-uxvx-gkdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94235?format=json","vulnerability_id":"VCID-8uu9-g2r8-nyep","summary":"Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3 while editing an existing monitor field named \"signal check color\" (monitor.php). There exists no input validation or output filtration, leaving it vulnerable to HTML Injection and an XSS attack.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7331","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56013","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55914","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55935","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55949","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5597","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55948","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55999","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56002","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55837","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55993","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55975","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56011","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56014","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55988","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7331"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7331","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7331"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2451","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2451"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7331","reference_id":"CVE-2019-7331","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7331"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7331"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8uu9-g2r8-nyep"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94216?format=json","vulnerability_id":"VCID-8vh1-pk4c-63hz","summary":"A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones&action=zoneImage&mid=1 URI.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6990","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49482","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50567","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50501","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.5051","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50495","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50522","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50475","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50529","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50526","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50438","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50544","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50573","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50577","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0027","scoring_system":"epss","scoring_elements":"0.50555","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6990"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6990","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6990"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/commit/a3e8fd4fd5b579865f35aac3b964bc78d5b7a94a","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/commit/a3e8fd4fd5b579865f35aac3b964bc78d5b7a94a"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2444","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2444"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921001","reference_id":"921001","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921001"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6990","reference_id":"CVE-2019-6990","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"5.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6990"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-6990"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"4.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8vh1-pk4c-63hz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94254?format=json","vulnerability_id":"VCID-a7us-wjek-2yc5","summary":"Session fixation exists in ZoneMinder through 1.32.3, as an attacker can fixate his own session cookies to the next logged-in user, thereby hijacking the victim's account. This occurs because a set of multiple cookies (between 3 and 5) is being generated when a user successfully logs in, and these sets overlap for successive logins.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7350","reference_id":"","reference_type":"","scores":[{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54438","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.5446","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54375","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54453","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54476","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54444","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54497","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54491","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54502","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54485","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54464","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54503","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54506","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00313","scoring_system":"epss","scoring_elements":"0.54483","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7350"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7350","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7350"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2471","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2471"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7350","reference_id":"CVE-2019-7350","reference_type":"","scores":[{"value":"4.9","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:N"},{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7350"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7350"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a7us-wjek-2yc5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94273?format=json","vulnerability_id":"VCID-afd6-2uyx-qubh","summary":"ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8423","reference_id":"","reference_type":"","scores":[{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53768","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53789","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53715","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53735","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53762","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53788","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53786","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53834","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53818","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53802","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53839","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53843","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00306","scoring_system":"epss","scoring_elements":"0.53823","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-8423"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8423","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8423"},{"reference_url":"https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewseventsphp-line-44-sql-injection","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewseventsphp-line-44-sql-injection"},{"reference_url":"https://www.seebug.org/vuldb/ssvid-97761","reference_id":"","reference_type":"","scores":[],"url":"https://www.seebug.org/vuldb/ssvid-97761"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-8423","reference_id":"CVE-2019-8423","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-8423"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-8423"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-afd6-2uyx-qubh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94214?format=json","vulnerability_id":"VCID-cccj-wgfh-3fg4","summary":"An issue was discovered in ZoneMinder v1.32.3. Reflected XSS exists in web/skins/classic/views/plugin.php via the zm/index.php?view=plugin pl parameter.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6777","reference_id":"","reference_type":"","scores":[{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53703","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53899","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53874","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53885","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53819","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53846","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53871","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53868","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53916","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53799","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53883","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53921","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53926","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53907","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6777"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6777","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6777"},{"reference_url":"https://github.com/mnoorenberghe/ZoneMinder/commit/59cc65411f02c7e39a270fda3ecb4966d7b48d41","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/mnoorenberghe/ZoneMinder/commit/59cc65411f02c7e39a270fda3ecb4966d7b48d41"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2436","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2436"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920375","reference_id":"920375","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920375"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.32.3:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:1.32.3:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:1.32.3:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6777","reference_id":"CVE-2019-6777","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6777"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-6777"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cccj-wgfh-3fg4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94232?format=json","vulnerability_id":"VCID-dk87-j5dz-6bed","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'scale' parameter value in the view frame (frame.php) via /js/frame.js.php because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7328","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58029","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58258","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58225","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58203","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58189","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58209","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58236","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58241","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58104","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58235","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58216","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58247","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.5825","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7328"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7328","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7328"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2449","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2449"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7328","reference_id":"CVE-2019-7328","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7328"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7328"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dk87-j5dz-6bed"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94217?format=json","vulnerability_id":"VCID-dpp2-3t2d-d3e4","summary":"A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder through 1.32.3, allowing an unauthenticated attacker to execute code via a long username.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6991","reference_id":"","reference_type":"","scores":[{"value":"0.05263","scoring_system":"epss","scoring_elements":"0.9002","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.90023","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.9003","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.90047","published_at":"2026-04-26T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.89975","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.89987","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.89993","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.90008","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.90014","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.89973","published_at":"2026-04-01T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.90022","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.90016","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.90031","published_at":"2026-04-16T12:55:00Z"},{"value":"0.05293","scoring_system":"epss","scoring_elements":"0.90032","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6991"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6991","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6991"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2478","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2478"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/pull/2482","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/pull/2482"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921000","reference_id":"921000","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921000"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6991","reference_id":"CVE-2019-6991","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:L/Au:N/C:P/I:P/A:P"},{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6991"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-6991"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dpp2-3t2d-d3e4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94236?format=json","vulnerability_id":"VCID-dz5v-tqce-a7ew","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'eid' (aka Event ID) parameter value in the view download (download.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7332","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58029","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58258","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58225","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58203","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58189","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58209","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58236","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58241","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58104","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58235","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58216","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58247","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.5825","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7332"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7332","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7332"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2442","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2442"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7332","reference_id":"CVE-2019-7332","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7332"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7332"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dz5v-tqce-a7ew"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94239?format=json","vulnerability_id":"VCID-edec-sj6n-n7d7","summary":"Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'log' as it insecurely prints the 'Log Message' value on the web page without applying any proper filtration. This relates to the view=logs value.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7335","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55761","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55661","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55772","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55826","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55829","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55837","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.558","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55838","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55744","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7335"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7335","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7335"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2453","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2453"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7335","reference_id":"CVE-2019-7335","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7335"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7335"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-edec-sj6n-n7d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94243?format=json","vulnerability_id":"VCID-fnhr-cs7k-gkeu","summary":"POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'level' parameter value in the view log (log.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7339","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55761","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55661","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55772","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55826","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55829","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55837","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.558","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55838","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55744","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7339"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7339","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7339"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2460","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2460"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7339","reference_id":"CVE-2019-7339","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7339"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7339"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fnhr-cs7k-gkeu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94218?format=json","vulnerability_id":"VCID-g1r5-fbsj-n3dr","summary":"A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a long NAME or PROTOCOL to the index.php?view=controlcaps URI.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6992","reference_id":"","reference_type":"","scores":[{"value":"0.00305","scoring_system":"epss","scoring_elements":"0.53728","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53932","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53889","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53901","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53833","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53861","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53835","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53887","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53885","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53814","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53914","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53898","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53936","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53942","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00307","scoring_system":"epss","scoring_elements":"0.53922","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-6992"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6992","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6992"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/commit/8c5687ca308e441742725e0aff9075779fa1a498","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/commit/8c5687ca308e441742725e0aff9075779fa1a498"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2445","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2445"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920999","reference_id":"920999","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=920999"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6992","reference_id":"CVE-2019-6992","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-6992"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-6992"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-g1r5-fbsj-n3dr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/93954?format=json","vulnerability_id":"VCID-hpah-sv5y-8bde","summary":"Stored XSS in the Filters page (Name field) in ZoneMinder 1.32.3 allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to this page.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13072","reference_id":"","reference_type":"","scores":[{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49438","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49466","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49493","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49446","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49501","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49496","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49513","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49485","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49488","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49534","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49533","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49503","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00261","scoring_system":"epss","scoring_elements":"0.49457","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-13072"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13072","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13072"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-13072"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hpah-sv5y-8bde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94245?format=json","vulnerability_id":"VCID-jmdh-m4ty-gqch","summary":"Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[LinkedMonitors]' parameter value in the view monitor (monitor.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7341","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58029","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58044","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.57943","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58027","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5805","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58025","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5808","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58083","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.581","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58077","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58056","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58087","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58064","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.5803","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7341"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2463","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2463"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7341","reference_id":"CVE-2019-7341","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7341"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7341"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jmdh-m4ty-gqch"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94230?format=json","vulnerability_id":"VCID-kgpe-97pr-suee","summary":"Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Host' parameter value in the view console (console.php) because proper filtration is omitted. This relates to the index.php?view=monitor Host Name field.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7326","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56013","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55914","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55935","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55949","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5597","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55948","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55999","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56002","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55837","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55993","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55975","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56011","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.56014","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55988","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7326"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7326","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7326"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2452","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2452"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7326","reference_id":"CVE-2019-7326","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7326"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7326"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kgpe-97pr-suee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94251?format=json","vulnerability_id":"VCID-p916-xnk3-rkce","summary":"A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMinder through 1.32.3 as a session remains active for an authenticated user even after deletion from the users table. This allows a nonexistent user to access and modify records (add/delete Monitors, Users, etc.).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7347","reference_id":"","reference_type":"","scores":[{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.67445","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.67434","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.67313","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.67349","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.67372","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.6735","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.67401","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.67414","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.67435","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.67423","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.67389","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.67425","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00534","scoring_system":"epss","scoring_elements":"0.67436","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7347"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7347","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7347"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2476","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2476"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7347","reference_id":"CVE-2019-7347","reference_type":"","scores":[{"value":"6.0","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:P/I:P/A:P"},{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7347"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7347"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p916-xnk3-rkce"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94233?format=json","vulnerability_id":"VCID-pr1z-g8aw-tqez","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $_SERVER['PHP_SELF'] insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7329","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.5564","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55973","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55896","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55916","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55929","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55951","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.5598","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55983","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55993","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55817","published_at":"2026-04-01T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55955","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55991","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55994","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0033","scoring_system":"epss","scoring_elements":"0.55969","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7329"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7329","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7329"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2446","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2446"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7329","reference_id":"CVE-2019-7329","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7329"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7329"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pr1z-g8aw-tqez"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94234?format=json","vulnerability_id":"VCID-qn8h-k43x-p7cs","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'show' parameter value in the view frame (frame.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7330","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58029","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58258","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58225","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58203","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58189","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58209","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58236","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58241","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58104","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58235","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58216","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58247","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.5825","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7330"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7330","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7330"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2448","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2448"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7330","reference_id":"CVE-2019-7330","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7330"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7330"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qn8h-k43x-p7cs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94242?format=json","vulnerability_id":"VCID-qxmt-szsx-y7a8","summary":"Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'group' as it insecurely prints the 'Group Name' value on the web page without applying any proper filtration.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7338","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55761","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55661","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55772","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55826","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55829","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55837","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.558","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55838","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55744","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7338"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7338","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7338"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2454","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2454"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7338","reference_id":"CVE-2019-7338","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7338"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7338"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qxmt-szsx-y7a8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94252?format=json","vulnerability_id":"VCID-qxtk-taxx-1kde","summary":"Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'username' parameter value in the view user (user.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7348","reference_id":"","reference_type":"","scores":[{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51734","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.5177","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51688","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51738","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51764","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51725","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51779","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51776","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51826","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51805","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.5179","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51832","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.51839","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00284","scoring_system":"epss","scoring_elements":"0.5182","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7348"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7348","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7348"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2467","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2467"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7348","reference_id":"CVE-2019-7348","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7348"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7348"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qxtk-taxx-1kde"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94241?format=json","vulnerability_id":"VCID-t5fd-hvgs-sue7","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3 as the view 'events' (events.php) insecurely displays the limit parameter value, without applying any proper output filtration. This issue exists because of the function sortHeader() in functions.php, which insecurely returns the value of the limit query string parameter without applying any filtration.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7337","reference_id":"","reference_type":"","scores":[{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55146","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55154","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55074","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55175","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55199","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55174","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55223","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55235","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55216","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55197","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55236","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55239","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55219","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7337"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7337","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7337"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2456","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2456"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7337","reference_id":"CVE-2019-7337","reference_type":"","scores":[{"value":"3.5","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:S/C:N/I:P/A:N"},{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7337"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7337"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t5fd-hvgs-sue7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94253?format=json","vulnerability_id":"VCID-ug2b-2eg5-jfbb","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[V4LCapturesPerFrame]' parameter value in the view monitor (monitor.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7349","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55761","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55661","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55772","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55826","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55829","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55837","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.558","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55838","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55744","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7349"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7349","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7349"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2465","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2465"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7349","reference_id":"CVE-2019-7349","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7349"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7349"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ug2b-2eg5-jfbb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94248?format=json","vulnerability_id":"VCID-ukjs-5za3-xqdb","summary":"Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'filter' as it insecurely prints the 'filter[Name]' (aka Filter name) value on the web page without applying any proper filtration.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7344","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55761","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55661","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55772","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55826","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55829","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55837","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.558","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55838","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55744","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7344"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7344","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7344"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2455","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2455"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7344","reference_id":"CVE-2019-7344","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7344"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7344"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ukjs-5za3-xqdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94231?format=json","vulnerability_id":"VCID-wdng-puzu-5kah","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'scale' parameter value in the view frame (frame.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7327","reference_id":"","reference_type":"","scores":[{"value":"0.00358","scoring_system":"epss","scoring_elements":"0.58029","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58258","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58225","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58203","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58189","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58209","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58182","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58236","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58241","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58104","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58235","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58216","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.58247","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00361","scoring_system":"epss","scoring_elements":"0.5825","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7327"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7327","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7327"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2447","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2447"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7327","reference_id":"CVE-2019-7327","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7327"},{"reference_url":"https://usn.ubuntu.com/5889-1/","reference_id":"USN-5889-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5889-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7327"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wdng-puzu-5kah"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94250?format=json","vulnerability_id":"VCID-xj45-xv47-ruhe","summary":"A CSRF check issue exists in ZoneMinder through 1.32.3 as whenever a CSRF check fails, a callback function is called displaying a \"Try again\" button, which allows resending the failed request, making the CSRF attack successful.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7346","reference_id":"","reference_type":"","scores":[{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38845","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38926","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39065","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.3925","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39273","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39192","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39247","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39263","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39274","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39236","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39218","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39271","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39241","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39153","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38945","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7346"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7346","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7346"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2469","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2469"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7346","reference_id":"CVE-2019-7346","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:P/I:P/A:P"},{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7346"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7346"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xj45-xv47-ruhe"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94238?format=json","vulnerability_id":"VCID-y3vt-x7b1-4yer","summary":"Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view export (export.php) because proper filtration is omitted.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7334","reference_id":"","reference_type":"","scores":[{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55738","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55761","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55661","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55772","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55795","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55826","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55829","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55837","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55818","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.558","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55838","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55842","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00328","scoring_system":"epss","scoring_elements":"0.55744","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-7334"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7334","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7334"},{"reference_url":"https://github.com/ZoneMinder/zoneminder/issues/2443","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/ZoneMinder/zoneminder/issues/2443"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724","reference_id":"922724","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922724"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7334","reference_id":"CVE-2019-7334","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv2","scoring_elements":"AV:N/AC:M/Au:N/C:N/I:P/A:N"},{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-7334"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2019-7334"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-y3vt-x7b1-4yer"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/94515?format=json","vulnerability_id":"VCID-yxpy-5fmj-cbb7","summary":"ZoneMinder before 1.34.21 has XSS via the connkey parameter to download.php or export.php.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25729","reference_id":"","reference_type":"","scores":[{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67069","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67106","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.6713","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67104","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67154","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67167","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67186","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67172","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67141","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67175","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67189","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67169","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.6719","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67202","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00528","scoring_system":"epss","scoring_elements":"0.67201","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2020-25729"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25729","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25729"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/414377?format=json","purl":"pkg:apk/alpine/zoneminder@1.36.7-r0?arch=armv7&distroversion=v3.23&reponame=community","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}],"aliases":["CVE-2020-25729"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-yxpy-5fmj-cbb7"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/zoneminder@1.36.7-r0%3Farch=armv7&distroversion=v3.23&reponame=community"}