Filter
-Infinity
0
Trending
Zabbix ServerRemote code execution within ping script
9.9
First published (updated )
Zabbix ServerSystem Information Widget in Global View Dashboard exposes information about Hosts to Users without Permission
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Zabbix ServerAllocation of resources without limits or throttling (uncontrolled resource consumption)
7.5
First published (updated )
Zabbix ServerDirect access to memory pointers within the JS engine for modification
9.1
First published (updated )
Zabbix ServerFront-end audit log shows passwords in plaintext
8.1
First published (updated )
Zabbix ServerZabbix Agent MSI Installer Allows Non-Admin User to Access Change Option via msiexec.exe
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ZabbixTime Based SQL Injection in Zabbix Server Audit Log
9.1
First published (updated )
Zabbix ServerStored XSS in graph items select form
5.5
EPSS
0.04%
First published (updated )
Zabbix Agent 2Code injection in zabbix_agent2 smart.disk.get caused by smartctl plugin
9.8
First published (updated )
Zabbix AgentPossible buffer overread from reading DNS responses
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ZabbixLeak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget.
9.6
First published (updated )
Zabbix ServerJavaScript engine memory pointers are directly available for Zabbix users for modification
9.1
First published (updated )
Zabbix ServerInefficient permission check in class CControllerAuthenticationUpdate
9.1
First published (updated )
Zabbix ServerStack-buffer Overflow in library module zbxjson
9.6
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Zabbix Agent 2Agent 2 package are built with Go version affected by CVE-2023-24538
9.8
First published (updated )
ZabbixDOM XSS in Developer mode dashboard via redirect GET parameter
6.1
First published (updated )
ZabbixInsufficient validation of Action form input fields
6.3
First published (updated )
Zabbix ServerDuktape 2.6 bug crashes JavaScript putting too many values in valstack.
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ZabbixReflected XSS in several fields of graph form
6.1
First published (updated )
Zabbix ServerRemove possibility to add html into Geomap attribution field
5.5
First published (updated )
Zabbix ServerDenial of service caused by a bug in the JSON parser
7.5
First published (updated )
Zabbix ServerUnauthorized limited filesystem access from preprocessing
8.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.