Skip to main content

Zabbix

72 CVEs product

Monthly

CVE-2026-23928 HIGH PATCH This Week

Stored cross-site scripting (XSS) in Zabbix 6.0-7.4 allows authenticated attackers with high privileges to inject malicious JavaScript via monitored host data that executes when other users view dashboards containing Item history widgets (7.0+) or Plain text widgets (6.0). The attack requires the attacker to control a monitored host and the victim to open a dashboard with HTML display enabled in the affected widget. CVSS 7.3 reflects high impact but requires specific preconditions: high-privilege access (PR:H), user interaction (UI:P), and precise attack timing (AT:P). No CISA KEV listing or public exploit identified at time of analysis, with low immediate exploitation risk given the privilege requirements.

XSS Zabbix Suse
NVD VulDB
CVSS 4.0
7.3
EPSS
0.0%
CVE-2026-23925 MEDIUM PATCH This Month

An authenticated Zabbix user (User role) with template/host write permissions is able to create objects via the configuration.import API. This can lead to confidentiality loss by creating unauthorized hosts.

Authentication Bypass Zabbix Red Hat Suse
NVD VulDB
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-49641 MEDIUM PATCH This Month

A regular Zabbix user with no permission to the Monitoring -> Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems.

Authentication Bypass Ubuntu Debian Zabbix Suse
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-27236 MEDIUM PATCH This Month

A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to.

Authentication Bypass Ubuntu Debian Zabbix Suse
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2025-27231 MEDIUM PATCH This Month

The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change.

Information Disclosure Ubuntu Debian Zabbix Suse
NVD
CVSS 3.1
4.9
EPSS
0.0%
CVE-2025-27240 HIGH This Week

A Zabbix adminitrator can inject arbitrary SQL during the autoremoval of hosts by inserting malicious SQL in the 'Visible name' field. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Zabbix
NVD
CVSS 4.0
7.5
EPSS
0.1%
CVE-2025-27238 LOW Monitor

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Zabbix
NVD
CVSS 4.0
2.1
EPSS
0.0%
CVE-2024-45700 MEDIUM PATCH This Month

Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. Rated medium severity (CVSS 6.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zabbix Suse
NVD
CVSS 4.0
6.0
EPSS
0.2%
CVE-2024-45699 HIGH PATCH This Week

The endpoint /zabbix.php?action=export.valuemaps suffers from a Cross-Site Scripting vulnerability via the backurl parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

PHP XSS Zabbix Suse
NVD
CVSS 4.0
7.5
EPSS
0.2%
CVE-2024-42325 LOW Monitor

Zabbix API user.get returns all users that share common group with the calling user. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 4.0
2.1
EPSS
0.1%
CVE-2024-36469 LOW Monitor

Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one. Rated low severity (CVSS 2.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 4.0
2.3
EPSS
0.2%
CVE-2024-36465 HIGH PATCH This Week

A low privilege (regular) Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.

PHP SQLi Zabbix Suse
NVD
CVSS 4.0
8.6
EPSS
0.5%
CVE-2024-36466 HIGH This Week

A bug in the code allows an attacker to sign a forged zbx_session cookie, which then allows them to sign in with admin permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zabbix
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-36464 LOW Monitor

When exporting media types, the password is exported in the YAML in plain text. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
2.7
EPSS
0.5%
CVE-2024-42333 LOW Monitor

The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Zabbix
NVD
CVSS 3.1
2.7
EPSS
0.6%
CVE-2024-42332 LOW Monitor

The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
3.7
EPSS
0.6%
CVE-2024-42331 LOW Monitor

In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from the Duktape JavaScript engine. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Zabbix
NVD
CVSS 3.1
3.3
EPSS
0.3%
CVE-2024-42330 CRITICAL Act Now

The HttpRequest object allows to get the HTTP headers from the server's response after sending the request. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
9.1
EPSS
1.0%
CVE-2024-42329 LOW Monitor

The webdriver for the Browser object expects an error object to be initialized when the webdriver_session_query function fails. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Zabbix
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2024-42328 MEDIUM This Month

When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is set to NULL and is allocated only in curl_write_cb when receiving data. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Zabbix
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2024-42326 MEDIUM This Month

There was discovered a use after free bug in browser.c in the es_browser_get_variant function. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption Zabbix
NVD
CVSS 3.1
4.4
EPSS
0.2%
CVE-2024-36468 HIGH This Week

The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Zabbix
NVD
CVSS 3.1
8.2
EPSS
0.5%
CVE-2024-36467 HIGH This Week

An authenticated user with API access (e.g.: user with default User role), more specifically a user with access to the user.update API endpoint is enough to be able to add themselves to any group. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zabbix
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2024-36463 HIGH This Week

The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-22117 LOW Monitor

When a URL is added to the map element, it is recorded in the database with sequential IDs. Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
2.2
EPSS
0.5%
CVE-2024-36462 HIGH This Week

Uncontrolled resource consumption refers to a software vulnerability where a attacker or system uses excessive resources, such as CPU, memory, or network bandwidth, without proper limitations or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zabbix
NVD
CVSS 3.1
7.5
EPSS
0.9%
CVE-2024-36461 HIGH This Week

Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
8.8
EPSS
0.8%
CVE-2024-36460 HIGH This Week

The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords are displayed in plain text. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
8.1
EPSS
0.6%
CVE-2024-22123 LOW Monitor

Setting SMS media allows to set GSM modem file. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Zabbix
NVD
CVSS 3.1
2.7
EPSS
0.6%
CVE-2024-22122 CRITICAL Act Now

Zabbix allows to configure SMS notifications. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Zabbix
NVD
CVSS 3.1
9.1
EPSS
1.6%
CVE-2024-22121 MEDIUM This Month

A non-admin user can change or remove important features within the Zabbix Agent application, thus impacting the integrity and availability of the application. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
6.1
EPSS
0.2%
CVE-2024-22116 HIGH This Week

An administrator with restricted permissions can exploit the script execution functionality within the Monitoring Hosts section. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Zabbix
NVD
CVSS 3.1
7.2
EPSS
1.6%
CVE-2024-22114 MEDIUM This Month

User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
4.3
EPSS
0.6%
CVE-2024-22120 HIGH POC THREAT This Week

Zabbix server can perform command execution for configured scripts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Zabbix
NVD
CVSS 3.1
8.8
EPSS
76.6%
CVE-2024-22119 MEDIUM POC This Month

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-32728 CRITICAL Act Now

The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Zabbix Zabbix Agent2
NVD
CVSS 3.1
9.8
EPSS
0.8%
CVE-2023-32727 HIGH This Week

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Zabbix Zabbix Server
NVD
CVSS 3.1
7.2
EPSS
0.9%
CVE-2023-32724 HIGH This Week

Memory pointer is in a property of the Ducktape object. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
8.8
EPSS
0.6%
CVE-2023-32723 CRITICAL Act Now

Request to LDAP is sent before user permissions are checked. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
9.1
EPSS
0.6%
CVE-2023-32722 HIGH This Week

The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Zabbix
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-32721 MEDIUM This Month

A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Zabbix XSS
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-29458 HIGH This Week

Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zabbix
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-29452 MEDIUM This Month

Currently, geomap configuration (Administration -> General -> Geographical maps) allows using HTML in the field “Attribution text” when selected “Other” Tile provider. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 3.1
5.4
EPSS
62.0%
CVE-2023-29451 HIGH This Week

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zabbix
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-29450 HIGH This Week

JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zabbix Authentication Bypass
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2023-29449 MEDIUM This Month

JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Zabbix
NVD
CVSS 3.1
4.9
EPSS
1.0%
CVE-2022-46768 MEDIUM PATCH This Month

Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Zabbix Information Disclosure Web Service Report Generation Zabbix Agent2
NVD
CVSS 3.1
5.9
EPSS
47.8%
CVE-2022-43516 CRITICAL POC Act Now

A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Zabbix Information Disclosure Microsoft Windows Firewall
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2022-43515 CRITICAL POC Act Now

Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Zabbix Information Disclosure Frontend
NVD
CVSS 3.1
9.8
EPSS
1.2%
CVE-2022-40626 MEDIUM PATCH This Month

An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Zabbix XSS Fedora
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2022-35230 MEDIUM PATCH This Month

An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS CSRF Zabbix
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-35229 MEDIUM PATCH This Month

An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS CSRF Zabbix
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2022-26148 CRITICAL POC THREAT Act Now

An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Zabbix PHP Grafana Information Disclosure Ceph Storage +1
NVD
CVSS 3.1
9.8
EPSS
53.4%
CVE-2022-24349 MEDIUM PATCH This Month

An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Zabbix XSS Frontend Debian Linux Fedora
NVD
CVSS 3.1
4.4
EPSS
1.2%
CVE-2021-27927 HIGH PATCH This Week

In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate controller lacks a CSRF protection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Zabbix
NVD
CVSS 3.1
8.8
EPSS
1.5%
CVE-2020-11800 CRITICAL Act Now

Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Zabbix Backports Sle Leap Debian Linux
NVD
CVSS 3.1
9.8
EPSS
9.2%
CVE-2020-15803 MEDIUM PATCH This Month

Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Zabbix Fedora Debian Linux Backports +1
NVD
CVSS 3.1
6.1
EPSS
32.3%
CVE-2019-17382 CRITICAL POC THREAT Act Now

An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Zabbix Authentication Bypass PHP
NVD Exploit-DB
CVSS 3.1
9.1
EPSS
54.1%
CVE-2019-15132 MEDIUM This Month

Zabbix through 4.4.0alpha1 allows User Enumeration. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zabbix PHP Information Disclosure Debian Linux
NVD
CVSS 3.1
5.3
EPSS
2.0%
CVE-2018-18289 HIGH This Week

The MESILAT Zabbix plugin before 1.1.15 for Atlassian Confluence allows attackers to read arbitrary files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zabbix Atlassian Information Disclosure
NVD
CVSS 3.0
7.5
EPSS
1.1%
CVE-2017-2824 HIGH POC THREAT Act Now

An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 73.5%.

RCE Zabbix Command Injection
NVD
CVSS 3.0
8.1
EPSS
73.5%
Threat
5.3
CVE-2016-10134 CRITICAL POC THREAT Emergency

SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 86.2%.

SQLi Zabbix PHP
NVD
CVSS 3.0
9.8
EPSS
86.2%
Threat
6.0
CVE-2016-4338 HIGH POC THREAT Act Now

The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 45.0%.

RCE SQLi Zabbix
NVD Exploit-DB VulDB
CVSS 3.0
8.1
EPSS
45.0%
Threat
4.5
CVE-2014-9450 HIGH This Week

Multiple SQL injection vulnerabilities in chart_bar.php in the frontend in Zabbix before 1.8.22, 2.0.x before 2.0.14, and 2.2.x before 2.2.8 allow remote attackers to execute arbitrary SQL commands. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Zabbix
NVD
CVSS 2.0
7.5
EPSS
0.5%
CVE-2014-4326 Ruby HIGH PATCH This Week

Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Elastic Zabbix Logstash
NVD
CVSS 2.0
7.5
EPSS
0.9%
CVE-2014-1685 MEDIUM This Month

The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote "Zabbix Admin" users to modify the media of arbitrary users via unspecified vectors. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix Fedora
NVD
CVSS 2.0
5.5
EPSS
0.4%
CVE-2014-1682 MEDIUM This Month

The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Zabbix Authentication Bypass Fedora
NVD
CVSS 2.0
4.0
EPSS
0.3%
CVE-2012-6086 MEDIUM This Month

libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Zabbix
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2013-6824 HIGH POC PATCH This Week

Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Code Injection RCE Zabbix
NVD
CVSS 2.0
7.5
EPSS
1.5%
CVE-2013-1364 MEDIUM This Month

The user.login function in Zabbix before 1.8.16 and 2.x before 2.0.5rc1 allows remote attackers to override LDAP configuration via the cnf parameter. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zabbix
NVD
CVSS 2.0
5.0
EPSS
0.4%
CVE-2013-5572 LOW POC Monitor

Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldap_bind_password value in the HTML source code. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Privilege Escalation Zabbix
NVD Exploit-DB
CVSS 2.0
3.5
EPSS
7.8%
CVE-2012-3435 HIGH POC This Week

SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix 1.8.15rc1 and earlier, and 2.x before 2.0.2rc1, allows remote attackers to execute arbitrary SQL commands via the itemid. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Zabbix
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
1.8%
EPSS 0% CVSS 7.3
HIGH PATCH This Week

Stored cross-site scripting (XSS) in Zabbix 6.0-7.4 allows authenticated attackers with high privileges to inject malicious JavaScript via monitored host data that executes when other users view dashboards containing Item history widgets (7.0+) or Plain text widgets (6.0). The attack requires the attacker to control a monitored host and the victim to open a dashboard with HTML display enabled in the affected widget. CVSS 7.3 reflects high impact but requires specific preconditions: high-privilege access (PR:H), user interaction (UI:P), and precise attack timing (AT:P). No CISA KEV listing or public exploit identified at time of analysis, with low immediate exploitation risk given the privilege requirements.

XSS Zabbix Suse
NVD VulDB
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

An authenticated Zabbix user (User role) with template/host write permissions is able to create objects via the configuration.import API. This can lead to confidentiality loss by creating unauthorized hosts.

Authentication Bypass Zabbix Red Hat +1
NVD VulDB
EPSS 0% CVSS 4.3
MEDIUM PATCH This Month

A regular Zabbix user with no permission to the Monitoring -> Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems.

Authentication Bypass Ubuntu Debian +2
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to.

Authentication Bypass Ubuntu Debian +2
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change.

Information Disclosure Ubuntu Debian +2
NVD
EPSS 0% CVSS 7.5
HIGH This Week

A Zabbix adminitrator can inject arbitrary SQL during the autoremoval of hosts by inserting malicious SQL in the 'Visible name' field. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SQLi Zabbix
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Zabbix
NVD
EPSS 0% CVSS 6.0
MEDIUM PATCH This Month

Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. Rated medium severity (CVSS 6.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zabbix Suse
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

The endpoint /zabbix.php?action=export.valuemaps suffers from a Cross-Site Scripting vulnerability via the backurl parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

PHP XSS Zabbix +1
NVD
EPSS 0% CVSS 2.1
LOW Monitor

Zabbix API user.get returns all users that share common group with the calling user. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 0% CVSS 2.3
LOW Monitor

Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one. Rated low severity (CVSS 2.3), this vulnerability is no authentication required. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 1% CVSS 8.6
HIGH PATCH This Week

A low privilege (regular) Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter. Rated high severity (CVSS 8.6), this vulnerability is low attack complexity. No vendor patch available.

PHP SQLi Zabbix +1
NVD
EPSS 1% CVSS 8.8
HIGH This Week

A bug in the code allows an attacker to sign a forged zbx_session cookie, which then allows them to sign in with admin permissions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zabbix
NVD
EPSS 1% CVSS 2.7
LOW Monitor

When exporting media types, the password is exported in the YAML in plain text. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 1% CVSS 2.7
LOW Monitor

The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow Zabbix
NVD
EPSS 1% CVSS 3.7
LOW Monitor

The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 0% CVSS 3.3
LOW Monitor

In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from the Duktape JavaScript engine. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption +1
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

The HttpRequest object allows to get the HTTP headers from the server's response after sending the request. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 0% CVSS 3.3
LOW Monitor

The webdriver for the Browser object expects an error object to be initialized when the webdriver_session_query function fails. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Zabbix
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is set to NULL and is allocated only in curl_write_cb when receiving data. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Zabbix
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

There was discovered a use after free bug in browser.c in the es_browser_get_variant function. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Use After Free Denial Of Service Memory Corruption +1
NVD
EPSS 0% CVSS 8.2
HIGH This Week

The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow Zabbix
NVD
EPSS 1% CVSS 8.8
HIGH This Week

An authenticated user with API access (e.g.: user with default User role), more specifically a user with access to the user.update API endpoint is enough to be able to add themselves to any group. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zabbix
NVD
EPSS 1% CVSS 8.8
HIGH This Week

The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 0% CVSS 2.2
LOW Monitor

When a URL is added to the map element, it is recorded in the database with sequential IDs. Rated low severity (CVSS 2.2), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Uncontrolled resource consumption refers to a software vulnerability where a attacker or system uses excessive resources, such as CPU, memory, or network bandwidth, without proper limitations or. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zabbix
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 1% CVSS 8.1
HIGH This Week

The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords are displayed in plain text. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 1% CVSS 2.7
LOW Monitor

Setting SMS media allows to set GSM modem file. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Zabbix
NVD
EPSS 2% CVSS 9.1
CRITICAL Act Now

Zabbix allows to configure SMS notifications. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Zabbix
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

A non-admin user can change or remove important features within the Zabbix Agent application, thus impacting the integrity and availability of the application. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 2% CVSS 7.2
HIGH This Week

An administrator with restricted permissions can exploit the script execution functionality within the Monitoring Hosts section. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection RCE Zabbix
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 77% CVSS 8.8
HIGH POC THREAT This Week

Zabbix server can perform command execution for configured scripts. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

SQLi Zabbix
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Zabbix Zabbix Agent2
NVD
EPSS 1% CVSS 7.2
HIGH This Week

An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Zabbix Zabbix Server
NVD
EPSS 1% CVSS 8.8
HIGH This Week

Memory pointer is in a property of the Ducktape object. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 1% CVSS 9.1
CRITICAL Act Now

Request to LDAP is sent before user permissions are checked. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 1% CVSS 7.8
HIGH This Week

The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Zabbix
NVD
EPSS 1% CVSS 5.4
MEDIUM This Month

A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Zabbix XSS
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zabbix
NVD
EPSS 62% CVSS 5.4
MEDIUM This Month

Currently, geomap configuration (Administration -> General -> Geographical maps) allows using HTML in the field “Attribution text” when selected “Other” Tile provider. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Zabbix
NVD
EPSS 1% CVSS 7.5
HIGH This Week

JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Zabbix Authentication Bypass
NVD
EPSS 1% CVSS 4.9
MEDIUM This Month

JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Denial Of Service Zabbix
NVD
EPSS 48% CVSS 5.9
MEDIUM PATCH This Month

Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Zabbix Information Disclosure Web Service Report Generation +1
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Zabbix Information Disclosure Microsoft +1
NVD
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Zabbix Information Disclosure Frontend
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login,. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Zabbix XSS Fedora
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS CSRF Zabbix
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS CSRF Zabbix
NVD
EPSS 53% CVSS 9.8
CRITICAL POC THREAT Act Now

An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Zabbix PHP Grafana +3
NVD
EPSS 1% CVSS 4.4
MEDIUM PATCH This Month

An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Zabbix XSS Frontend +2
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate controller lacks a CSRF protection. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

CSRF Zabbix
NVD
EPSS 9% CVSS 9.8
CRITICAL Act Now

Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Zabbix Backports Sle +2
NVD
EPSS 32% CVSS 6.1
MEDIUM PATCH This Month

Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Zabbix Fedora +3
NVD
EPSS 54% CVSS 9.1
CRITICAL POC THREAT Act Now

An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Zabbix Authentication Bypass PHP
NVD Exploit-DB
EPSS 2% CVSS 5.3
MEDIUM This Month

Zabbix through 4.4.0alpha1 allows User Enumeration. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zabbix PHP Information Disclosure +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

The MESILAT Zabbix plugin before 1.1.15 for Atlassian Confluence allows attackers to read arbitrary files. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Zabbix Atlassian Information Disclosure
NVD
EPSS 74% 5.3 CVSS 8.1
HIGH POC THREAT Act Now

An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 73.5%.

RCE Zabbix Command Injection
NVD
EPSS 86% 6.0 CVSS 9.8
CRITICAL POC THREAT Emergency

SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 86.2%.

SQLi Zabbix PHP
NVD
EPSS 45% 4.5 CVSS 8.1
HIGH POC THREAT Act Now

The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 45.0%.

RCE SQLi Zabbix
NVD Exploit-DB VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Multiple SQL injection vulnerabilities in chart_bar.php in the frontend in Zabbix before 1.8.22, 2.0.x before 2.0.14, and 2.2.x before 2.2.8 allow remote attackers to execute arbitrary SQL commands. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

PHP SQLi Zabbix
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Elasticsearch Logstash 1.0.14 through 1.4.x before 1.4.2 allows remote attackers to execute arbitrary commands via a crafted event in (1) zabbix.rb or (2) nagios_nsca.rb in outputs/. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. This OS Command Injection vulnerability could allow attackers to execute arbitrary operating system commands on the host.

Command Injection Elastic Zabbix +1
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote "Zabbix Admin" users to modify the media of arbitrary users via unspecified vectors. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Zabbix Fedora
NVD
EPSS 0% CVSS 4.0
MEDIUM This Month

The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Zabbix Authentication Bypass Fedora
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Information Disclosure Zabbix
NVD
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Code Injection RCE Zabbix
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

The user.login function in Zabbix before 1.8.16 and 2.x before 2.0.5rc1 allows remote attackers to override LDAP configuration via the cnf parameter. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Zabbix
NVD
EPSS 8% CVSS 3.5
LOW POC Monitor

Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldap_bind_password value in the HTML source code. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

Privilege Escalation Zabbix
NVD Exploit-DB
EPSS 2% CVSS 7.5
HIGH POC This Week

SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix 1.8.15rc1 and earlier, and 2.x before 2.0.2rc1, allows remote attackers to execute arbitrary SQL commands via the itemid. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP SQLi Zabbix
NVD Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy