Zabbix : Security Vulnerabilities, CVEs, (Memory corruption)
The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open.
Max CVSS
9.6
EPSS Score
0.21%
Published
2023-10-12
Updated
2023-10-17
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-07-13
Updated
2023-08-22
The zbx_get_next_field function in libs/zbxcommon/str.c in Zabbix Server before 1.6.8 allows remote attackers to cause a denial of service (crash) via a request that lacks expected separators, which triggers a NULL pointer dereference, as demonstrated using the Command keyword.
Max CVSS
5.0
EPSS Score
0.26%
Published
2009-12-31
Updated
2010-01-01
The process_trap function in trapper/trapper.c in Zabbix Server before 1.6.6 allows remote attackers to cause a denial of service (crash) via a crafted request with data that lacks an expected : (colon) separator, which triggers a NULL pointer dereference.
Max CVSS
5.0
EPSS Score
0.23%
Published
2009-12-31
Updated
2010-01-12
4 vulnerabilities found