Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zabbix zabbix-agent vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-32728
The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution.
Zabbix Zabbix-agent2
Zabbix Zabbix-agent2 7.0.0
NA
CVE-2023-32726
The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server.
Zabbix Zabbix-agent 7.0.0
Zabbix Zabbix-agent
NA
CVE-2022-43516
A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)
Zabbix Zabbix 6.2.6
Zabbix Zabbix 6.0.12
Zabbix Zabbix
Microsoft Windows Firewall -
685
VMScore
CVE-2016-4338
The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix prior to 2.0.18, 2.2.x prior to 2.2.13, and 3.0.x prior to 3.0.3, when used with a shell other than bash, allows context-dependent malicious users to execute arbitrary code or SQL comm...
Zabbix Zabbix 2.0.14
Zabbix Zabbix 2.0.13
Zabbix Zabbix 2.0.6
Zabbix Zabbix 2.0.5
Zabbix Zabbix 2.2.10
Zabbix Zabbix 2.2.9
Zabbix Zabbix 2.0.12
Zabbix Zabbix 2.0.11
Zabbix Zabbix 2.0.4
Zabbix Zabbix 2.0.3
Zabbix Zabbix 2.0.2
Zabbix Zabbix 2.2.8
Zabbix Zabbix 2.2.7
Zabbix Zabbix 2.2.0
Zabbix Zabbix 3.0.2
Zabbix Zabbix 2.2.2
Zabbix Zabbix 2.2.1
Zabbix Zabbix 2.0.17
Zabbix Zabbix 2.0.10
Zabbix Zabbix 2.0.9
Zabbix Zabbix 2.0.1
Zabbix Zabbix 2.0.0
1 EDB exploit
940
VMScore
CVE-2009-4502
The NET_TCP_LISTEN function in net.c in Zabbix Agent prior to 1.6.7, when running on FreeBSD or Solaris, allows remote malicious users to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. NOTE: this ...
Zabbix Zabbix 1.4.3
Zabbix Zabbix 1.1.5
Zabbix Zabbix 1.1.4
Zabbix Zabbix 1.1.3
Zabbix Zabbix 1.1.2
Zabbix Zabbix
Zabbix Zabbix 1.4.6
Zabbix Zabbix 1.4.4
Zabbix Zabbix 1.4.2
2 EDB exploits
215
VMScore
CVE-2007-6210
zabbix_agentd 1.1.4 in ZABBIX prior to 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.
Zabbix Zabbix Agentd 1.1.4
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started