Exposición de Zabbix
Miscellaneous23
score de exposición
4
sitios usan
0
en explotación
9
críticos
CVEs
70 resultadosCVE-2023-29454MEDIUMPersistent XSS in the user formEPSS 0.5%CVE-2023-29456MEDIUMInefficient URL schema validationEPSS 0.5%CVE-2025-27231MEDIUMLDAP 'Bind password' field value can be leaked by a Zabbix Super AdminEPSS 0.4%CVE-2025-27236LOWUser information disclosure via api_jsonrpc.php on method user.get with param searchEPSS 0.3%CVE-2024-45700MEDIUMDoS vulnerability due to uncontrolled resource exhaustionEPSS 0.3%CVE-2025-27237HIGHDLL injection in Zabbix Agent and Agent 2 via OpenSSL configurationEPSS 0.3%CVE-2024-45699HIGHReflected XSS vulnerability in /zabbix.php?action=export.valuemapsEPSS 0.3%CVE-2024-36469LOWUser enumeration via timing attack in Zabbix web interfaceEPSS 0.3%CVE-2024-42325LOWExcessive information returned by user.getEPSS 0.3%CVE-2025-49643MEDIUMFrontend DoS vulnerability due to asymmetric resource consumptionEPSS 0.3%CVE-2025-27232MEDIUMFrontend arbitrary file read in oauth.authorize actionEPSS 0.3%CVE-2025-27234HIGHZabbix Agent 2 smartctl plugin RCE vulnerability in Zabbix 5.0.EPSS 0.3%CVE-2026-23928HIGHStored XSS vulnerability in the Item history/Plain text widgetEPSS 0.3%CVE-2026-23926HIGHStored XSS vulnerability in Host navigator widget maintenance tooltipEPSS 0.3%CVE-2026-23923MEDIUMUnauthenticated arbitrary PHP class instantiationEPSS 0.3%CVE-2025-49641MEDIUMInsufficient permission check for the problem.view.refresh actionEPSS 0.3%CVE-2024-42331LOWUse after free in browser_push_errorEPSS 0.3%CVE-2026-23925MEDIUMUnauthorized host creation via configuration.import API by low-privilege user with write permissionsEPSS 0.3%CVE-2026-23924MEDIUMAgent 2 Docker plugin arbitrary file read via Docker API injectionEPSS 0.3%CVE-2026-23920HIGHHost and event action script regex validation can be bypassed in certain situations, leading to potential command injectionEPSS 0.2%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →