Exposição de Zabbix
Miscellaneous23
score de exposição
4
sites usam
0
em exploração
9
críticos
CVEs
70 resultadosCVE-2024-42327CRITICALSQL injection in user.get APIEPSS 78.8%CVE-2024-22120CRITICALTime Based SQL Injection in Zabbix Server Audit LogEPSS 76.6%CVE-2013-3628—Zabbix 2.0.9 has an Arbitrary Command Execution VulnerabilityEPSS 67.5%CVE-2023-29452MEDIUMRemove possibility to add html into Geomap attribution fieldEPSS 62.0%CVE-2024-36465HIGHSQL injection in Zabbix APIEPSS 23.0%CVE-2017-2825—In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in databEPSS 4.4%CVE-2017-2826—An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy requesEPSS 3.4%CVE-2024-22122LOWAT(GSM) Command InjectionEPSS 1.6%CVE-2024-22116CRITICALRemote code execution within ping scriptEPSS 1.6%CVE-2025-27240HIGHSecondary-order SQL injection in Zabbix Server when deleting an autoregistered hostEPSS 1.2%CVE-2023-29450HIGHUnauthorized limited filesystem access from preprocessingEPSS 1.1%CVE-2023-29449MEDIUMLimited control of resource utilization in JS preprocessingEPSS 1.0%CVE-2024-42330CRITICALJS - Internal strings in HTTP headersEPSS 1.0%CVE-2024-36462HIGHAllocation of resources without limits or throttling (uncontrolled resource consumption)EPSS 0.9%CVE-2023-32727MEDIUMCode execution vulnerability in icmppingEPSS 0.9%CVE-2023-32725CRITICALLeak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget.EPSS 0.8%CVE-2024-36463MEDIUMThe implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objecEPSS 0.8%CVE-2024-36461CRITICALDirect access to memory pointers within the JS engine for modificationEPSS 0.8%CVE-2023-32728MEDIUMCode injection in zabbix_agent2 smart.disk.get caused by smartctl pluginEPSS 0.8%CVE-2023-29453CRITICALAgent 2 package are built with Go version affected by CVE-2023-24538EPSS 0.8%
Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →