Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zabbix vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2009-4500
The process_trap function in trapper/trapper.c in Zabbix Server prior to 1.6.6 allows remote malicious users to cause a denial of service (crash) via a crafted request with data that lacks an expected : (colon) separator, which triggers a NULL pointer dereference.
Zabbix Zabbix 1.1.2
Zabbix Zabbix 1.4.4
Zabbix Zabbix 1.4.2
Zabbix Zabbix 1.1.5
Zabbix Zabbix 1.1.4
Zabbix Zabbix
Zabbix Zabbix 1.1.3
Zabbix Zabbix 1.4.3
4.3
CVSSv2
CVE-2017-2826
An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker ca...
Zabbix Zabbix 2.4.1
Zabbix Zabbix 2.4.2
Zabbix Zabbix 2.4.6
Zabbix Zabbix 2.4.7
Zabbix Zabbix 2.4.9
Zabbix Zabbix 2.4.3
Zabbix Zabbix 2.4.4
Zabbix Zabbix 2.4.5
Zabbix Zabbix 2.4.0
Zabbix Zabbix 2.4.8
Debian Debian Linux 8.0
5
CVSSv2
CVE-2013-1364
The user.login function in Zabbix prior to 1.8.16 and 2.x prior to 2.0.5rc1 allows remote malicious users to override LDAP configuration via the cnf parameter.
Zabbix Zabbix 2.0.0
Zabbix Zabbix 2.0.4
Zabbix Zabbix 2.0.3
Zabbix Zabbix 2.0.2
Zabbix Zabbix 2.0.1
Zabbix Zabbix
4.3
CVSSv2
CVE-2008-1353
zabbix_agentd in ZABBIX 1.4.4 allows remote malicious users to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.
Zabbix Zabbix 1.1.5
Zabbix Zabbix 1.4.2
Zabbix Zabbix 1.1.2
Zabbix Zabbix 1.4.3
Zabbix Zabbix 1.1.3
Zabbix Zabbix 1.1.4
1 EDB exploit
7.5
CVSSv2
CVE-2016-10134
SQL injection vulnerability in Zabbix prior to 2.2.14 and 3.0 prior to 3.0.4 allows remote malicious users to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.
Zabbix Zabbix 3.0.0
Zabbix Zabbix 3.0.2
Zabbix Zabbix
Zabbix Zabbix 3.0.3
Zabbix Zabbix 3.0.1
NA
CVE-2023-32723
Request to LDAP is sent before user permissions are checked.
Zabbix Zabbix 5.0.0
Zabbix Zabbix 4.0.19
Zabbix Zabbix 4.4.7
Zabbix Zabbix
7.5
CVSSv2
CVE-2013-6824
Zabbix prior to 1.8.19rc1, 2.0 prior to 2.0.10rc1, and 2.2 prior to 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter.
Zabbix Zabbix
Zabbix Zabbix 2.0.0
Zabbix Zabbix 2.2.0
10
CVSSv2
CVE-2007-0640
Buffer overflow in ZABBIX prior to 1.1.5 has unknown impact and attack vectors related to "SNMP IP addresses."
Zabbix Zabbix 1.1.2
Zabbix Zabbix 1.1.3
Zabbix Zabbix
NA
CVE-2023-29452
Currently, geomap configuration (Administration -> General -> Geographical maps) allows using HTML in the field “Attribution text” when selected “Other” Tile provider.
Zabbix Zabbix 6.4.1
Zabbix Zabbix 6.4.0
Zabbix Zabbix
NA
CVE-2023-29458
Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. When adding too many values in valstack JavaScript will crash. This issue occurs due to bug in Duktape 2.6 which is an 3rd-party solution that we use.
Zabbix Zabbix 5.0.34
Zabbix Zabbix 6.0.17
Zabbix Zabbix 6.4.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »