Filter
-Infinity
0
Trending
Zabbix ServerUnsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML
First published (updated )
Zabbix ServerZabbix Frontend Improper Access Control Vulnerability
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Zabbix ServerZabbix Agent MSI Installer Allows Non-Admin User to Access Change Option via msiexec.exe
6.1
First published (updated )
Zabbix ServerAllocation of resources without limits or throttling (uncontrolled resource consumption)
7.5
First published (updated )
Zabbix ServerDirect access to memory pointers within the JS engine for modification
9.1
First published (updated )
Zabbix ServerFront-end audit log shows passwords in plaintext
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Zabbix ServerSystem Information Widget in Global View Dashboard exposes information about Hosts to Users without Permission
4.3
First published (updated )
Zabbix ServerRemote code execution within ping script
9.9
First published (updated )
Zabbix Agent 2Code injection in zabbix_agent2 smart.disk.get caused by smartctl plugin
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Zabbix Web Service Report GenerationFile name information disclosure vulnerability in Zabbix Web Service Report Generation
5.9
First published (updated )
Zabbix ServerZabbix Agent installer adds “allow all TCP any any” firewall rule
9.8
First published (updated )
ZabbixX-Forwarded-For header is active by default causes access to Zabbix sites in maintenance mode
9.8
First published (updated )
Zabbix Agent 2The zabbix-agent2 package before 5.4.9-r1 for Alpine Linux sometimes allows privilege escalation to …
10
First published (updated )
Zabbix ServerUnauthorized limited filesystem access from preprocessing
8.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Zabbix ServerLimited control of resource utilization in JS preprocessing
5.9
First published (updated )
Zabbix ServerDenial of service caused by a bug in the JSON parser
7.5
First published (updated )
Zabbix ServerRemove possibility to add html into Geomap attribution field
5.5
First published (updated )
Zabbix ServerDuktape 2.6 bug crashes JavaScript putting too many values in valstack.
7.5
First published (updated )
ZabbixReflected XSS in several fields of graph form
6.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
ZabbixInsufficient validation of Action form input fields
6.3
First published (updated )
ZabbixDOM XSS in Developer mode dashboard via redirect GET parameter
6.1
First published (updated )
Zabbix ServerStack-buffer Overflow in library module zbxjson
9.6
First published (updated )
Zabbix Agent 2Agent 2 package are built with Go version affected by CVE-2023-24538
9.8
First published (updated )
Zabbix ServerInefficient permission check in class CControllerAuthenticationUpdate
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.