Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zabbix zabbix vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2013-3738
A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code.
Zabbix Zabbix 2.0.6
6.5
CVSSv2
CVE-2013-3628
Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability
Zabbix Zabbix 2.0.9
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2013-5743
Multiple SQL injection vulnerabilities in Zabbix 1.8.x prior to 1.8.18rc1, 2.0.x prior to 2.0.9rc1, and 2.1.x prior to 2.1.7.
Zabbix Zabbix
1 EDB exploit
5
CVSSv2
CVE-2013-7484
Zabbix prior to 5.0 represents passwords in the users table with unsalted MD5.
Zabbix Zabbix 2.0.8
Zabbix Zabbix 4.4.0
6.4
CVSSv2
CVE-2019-17382
An issue exists in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix up to and including 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All...
Zabbix Zabbix
1 Github repository
5
CVSSv2
CVE-2019-15132
Zabbix up to and including 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and "No permissions for system acces...
Zabbix Zabbix 4.4.0
Zabbix Zabbix
Debian Debian Linux 9.0
5.8
CVSSv2
CVE-2016-10742
Zabbix prior to 2.2.21rc1, 3.x prior to 3.0.13rc1, 3.1.x and 3.2.x prior to 3.2.10rc1, and 3.3.x and 3.4.x prior to 3.4.4rc1 allows open redirect via the request parameter.
Zabbix Zabbix
Debian Debian Linux 8.0
5
CVSSv2
CVE-2018-18289
The MESILAT Zabbix plugin prior to 1.1.15 for Atlassian Confluence allows malicious users to read arbitrary files.
Mesilat Zabbix
NA
CVE-2016-9140
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
6.8
CVSSv2
CVE-2017-2825
In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a Man-in-the-Middle server to alter trapper requests made between an active Zabbix proxy and Server to tr...
Zabbix Zabbix
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21991
CVE-2024-32674
path traversal
CVE-2023-21987
denial of service
dos
CVE-2024-4647
CVE-2024-25519
CVE-2024-33612
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »