Vulmon
zabbix zabbix vulnerabilities and exploits
7
CVSSv3
CVE-2017-2825
In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a Man-in-the-Middle server to alter trapper requests made between an active Zabbix proxy and Server to tr...
Zabbix Zabbix
Debian Debian Linux 8.0
Debian Debian Linux 9.0
6.1
CVSSv3
CVE-2023-30958
A security defect was identified in Foundry Frontend that enabled users to potentially conduct DOM XSS attacks if Foundry's CSP were to be bypassed. This defect was resolved with the release of Foundry Frontend 6.225.0.
Zabbix Frontend
6.1
CVSSv3
CVE-2023-29455
Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of ma...
Zabbix Frontend
6.1
CVSSv3
CVE-2023-29457
Reflected XSS attacks occur when a malicious script is reflected off a web application to the victim's browser. The script can be activated through Action form fields, which can be sent as a request to a website with a vulnerability that enables execution of malicious scripts...
Zabbix Frontend
6.1
CVSSv3
CVE-2022-40626
An unauthenticated user can create a link with reflected JavaScript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend.
Zabbix Zabbix 6.2.0
Zabbix Zabbix
Fedoraproject Fedora 37
6.1
CVSSv3
CVE-2020-15803
Zabbix prior to 3.0.32rc1, 4.x prior to 4.0.22rc1, 4.1.x up to and including 4.4.x prior to 4.4.10rc1, and 5.x prior to 5.0.2rc1 allows stored XSS in the URL Widget.
Zabbix Zabbix 5.0.2
Zabbix Zabbix
Zabbix Zabbix 4.4.10
Zabbix Zabbix 4.0.22
Zabbix Zabbix 3.0.32
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Debian Debian Linux 9.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Opensuse Backports Sle-15
6.1
CVSSv3
CVE-2016-10742
Zabbix prior to 2.2.21rc1, 3.x prior to 3.0.13rc1, 3.1.x and 3.2.x prior to 3.2.10rc1, and 3.3.x and 3.4.x prior to 3.4.4rc1 allows open redirect via the request parameter.
Zabbix Zabbix
Debian Debian Linux 8.0
5.9
CVSSv3
CVE-2022-46768
Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files.
Zabbix Zabbix-agent2
Zabbix Web Service Report Generation
5.4
CVSSv3
CVE-2024-22119
The cause of the vulnerability is improper validation of the form input field “Name” on the Graph page in the Items section.
Zabbix Zabbix 7.0.0
Zabbix Zabbix
5.4
CVSSv3
CVE-2023-32721
A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL.
Zabbix Zabbix 7.0.0
Zabbix Zabbix