Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation.
Max CVSS
9.1
EPSS Score
0.05%
Published
2023-10-12
Updated
2023-10-17
Request to LDAP is sent before user permissions are checked.
Max CVSS
9.1
EPSS Score
0.09%
Published
2023-10-12
Updated
2024-01-24
The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open.
Max CVSS
9.6
EPSS Score
0.21%
Published
2023-10-12
Updated
2023-10-17
A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL.
Max CVSS
7.6
EPSS Score
0.05%
Published
2023-10-12
Updated
2024-01-24
Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. When adding too many values in valstack JavaScript will crash. This issue occurs due to bug in Duktape 2.6 which is an 3rd-party solution that we use.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-07-13
Updated
2023-07-25
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-07-13
Updated
2023-08-22
JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.
Max CVSS
8.5
EPSS Score
0.09%
Published
2023-07-13
Updated
2023-08-22
A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)
Max CVSS
9.8
EPSS Score
0.21%
Published
2022-12-05
Updated
2022-12-07
During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level
Max CVSS
7.5
EPSS Score
0.10%
Published
2022-01-13
Updated
2022-02-10

CVE-2022-23131

Known exploited
In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default).
Max CVSS
9.8
EPSS Score
97.19%
Published
2022-01-13
Updated
2022-01-19
CISA KEV Added
2022-02-22
Zabbix 4.0 LTS, 4.2, 4.4, and 5.0 LTS is vulnerable to Remote Code Execution (RCE). Any user with the "Zabbix Admin" role is able to run custom shell script on the application server in the context of the application user.
Max CVSS
7.2
EPSS Score
0.32%
Published
2022-01-27
Updated
2022-02-02
In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate controller lacks a CSRF protection mechanism. The code inside this controller calls diableSIDValidation inside the init() method. An attacker doesn't have to know Zabbix user login credentials, but has to know the correct Zabbix URL and contact information of an existing user with sufficient privileges.
Max CVSS
8.8
EPSS Score
0.07%
Published
2021-03-03
Updated
2023-04-12
Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.
Max CVSS
9.8
EPSS Score
2.26%
Published
2020-10-07
Updated
2022-01-01
An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.
Max CVSS
9.1
EPSS Score
31.41%
Published
2019-10-09
Updated
2023-08-22
In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a Man-in-the-Middle server to alter trapper requests made between an active Zabbix proxy and Server to trigger this vulnerability.
Max CVSS
7.0
EPSS Score
0.20%
Published
2018-04-20
Updated
2019-10-03
An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can make requests from an active Zabbix Proxy to trigger this vulnerability.
Max CVSS
8.1
EPSS Score
71.58%
Published
2017-05-24
Updated
2019-10-03

CVE-2016-10134

Public exploit
SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.
Max CVSS
9.8
EPSS Score
5.37%
Published
2017-02-17
Updated
2017-11-04
The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, allows context-dependent attackers to execute arbitrary code or SQL commands via the mysql.size parameter.
Max CVSS
8.1
EPSS Score
2.12%
Published
2017-01-23
Updated
2018-10-09
Multiple SQL injection vulnerabilities in chart_bar.php in the frontend in Zabbix before 1.8.22, 2.0.x before 2.0.14, and 2.2.x before 2.2.8 allow remote attackers to execute arbitrary SQL commands via the (1) itemid or (2) periods parameter.
Max CVSS
7.5
EPSS Score
0.24%
Published
2015-01-02
Updated
2015-01-06
XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.
Max CVSS
9.8
EPSS Score
2.43%
Published
2018-02-01
Updated
2018-02-21
Zabbix before 5.0 represents passwords in the users table with unsalted MD5.
Max CVSS
7.5
EPSS Score
0.20%
Published
2019-11-30
Updated
2023-08-22
Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter.
Max CVSS
7.5
EPSS Score
0.93%
Published
2013-12-19
Updated
2014-03-06

CVE-2013-5743

Public exploit
Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7.
Max CVSS
9.8
EPSS Score
97.40%
Published
2019-12-11
Updated
2019-12-16
A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code.
Max CVSS
9.8
EPSS Score
1.24%
Published
2020-02-17
Updated
2020-02-20

CVE-2013-3628

Public exploit
Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability
Max CVSS
8.8
EPSS Score
94.96%
Published
2020-02-07
Updated
2020-02-10
34 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!