) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
Search Parameters:
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:zabbix:zabbix:5.0.33:rc1:*:*:*:*:*:*
- CPE Name Search: true
There are 5 matching records.
Displaying matches 1 through 5.
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2024-22119 |
The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section. Published: February 09, 2024; 4:15:08 AM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-32724 |
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation. Published: October 12, 2023; 3:15:10 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
| CVE-2023-32721 |
A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL. Published: October 12, 2023; 3:15:09 AM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
| CVE-2023-29451 |
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy. Published: July 13, 2023; 6:15:09 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2023-29450 |
JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data. Published: July 13, 2023; 5:15:09 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |