Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:zabbix:zabbix:5.0.34:-:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2024-22119 |
The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section. Published: February 09, 2024; 4:15:08 AM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-32724 |
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation. Published: October 12, 2023; 3:15:10 AM -0400 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-32721 |
A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL. Published: October 12, 2023; 3:15:09 AM -0400 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-29458 |
Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. When adding too many values in valstack JavaScript will crash. This issue occurs due to bug in Duktape 2.6 which is an 3rd-party solution that we use. Published: July 13, 2023; 6:15:09 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-29451 |
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy. Published: July 13, 2023; 6:15:09 AM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |