Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zabbix zabbix vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2022-23134
After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.
Zabbix Zabbix 6.0.0
Zabbix Zabbix
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
NA
CVE-2023-29453
Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the act...
Zabbix Zabbix-agent2
7.5
CVSSv2
CVE-2006-6692
Multiple format string vulnerabilities in zabbix prior to 20061006 allow malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via format string specifiers in information that would be recorded in the system log using (1) zabbix_log ...
Zabbix Zabbix 1.1.2
1 EDB exploit
7.5
CVSSv2
CVE-2006-6693
Multiple buffer overflows in zabbix prior to 20061006 allow malicious users to cause a denial of service (application crash) and possibly execute arbitrary code via long strings to the (1) zabbix_log and (2) zabbix_syslog functions.
Zabbix Zabbix 1.1.2
6.5
CVSSv2
CVE-2013-3628
Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability
Zabbix Zabbix 2.0.9
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2013-3738
A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code.
Zabbix Zabbix 2.0.6
3.5
CVSSv2
CVE-2013-5572
Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldap_bind_password value in the HTML source code.
Zabbix Zabbix 2.0.5
1 EDB exploit
2.1
CVSSv2
CVE-2007-6210
zabbix_agentd 1.1.4 in ZABBIX prior to 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.
Zabbix Zabbix Agentd 1.1.4
1 EDB exploit
7.5
CVSSv2
CVE-2020-11800
Zabbix Server 2.2.x and 3.0.x prior to 3.0.31, and 3.2 allows remote malicious users to execute arbitrary code.
Zabbix Zabbix
Zabbix Zabbix 3.2.0
Opensuse Backports Sle 15.0
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
5.8
CVSSv2
CVE-2016-10742
Zabbix prior to 2.2.21rc1, 3.x prior to 3.0.13rc1, 3.1.x and 3.2.x prior to 3.2.10rc1, and 3.3.x and 3.4.x prior to 3.4.4rc1 allows open redirect via the request parameter.
Zabbix Zabbix
Debian Debian Linux 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
NEXT »