Vulnerabilidades em Zabbix
83 resultadosCVE-2024-36460HIGHFront-end audit log shows passwords in plaintextEPSS 0.6%CVE-2022-35229LOWReflected XSS in discovery page of Zabbix FrontendEPSS 0.6%CVE-2023-32721HIGHStored XSS in Maps elementEPSS 0.6%CVE-2022-35230LOWReflected XSS in graphs page of Zabbix FrontendEPSS 0.6%CVE-2023-32724CRITICALJavaScript engine memory pointers are directly available for Zabbix users for modificationEPSS 0.6%CVE-2024-22114MEDIUMSystem Information Widget in Global View Dashboard exposes information about Hosts to Users without PermissionEPSS 0.6%CVE-2024-22123LOWZabbix Arbitrary File ReadEPSS 0.6%CVE-2023-32723HIGHInefficient permission check in class CControllerAuthenticationUpdateEPSS 0.6%CVE-2023-29455MEDIUMReflected XSS in several fields of graph formEPSS 0.6%CVE-2024-36464LOWMedia Types: Office365, SMTP passwords are unencrypted and visible in plaintext when exportedEPSS 0.5%CVE-2023-29457MEDIUMInsufficient validation of Action form input fieldsEPSS 0.5%CVE-2024-36468LOWStack buffer overflow in zbx_snmp_cache_handle_engineidEPSS 0.5%CVE-2024-22117LOWValue of sysmap_element_url can be de-synchronized causing the map element to crash when new URLs is addedEPSS 0.5%CVE-2023-29454MEDIUMPersistent XSS in the user formEPSS 0.5%CVE-2023-29456MEDIUMInefficient URL schema validationEPSS 0.5%CVE-2025-27231MEDIUMLDAP 'Bind password' field value can be leaked by a Zabbix Super AdminEPSS 0.4%CVE-2025-27236LOWUser information disclosure via api_jsonrpc.php on method user.get with param searchEPSS 0.3%CVE-2024-45700MEDIUMDoS vulnerability due to uncontrolled resource exhaustionEPSS 0.3%CVE-2025-27237HIGHDLL injection in Zabbix Agent and Agent 2 via OpenSSL configurationEPSS 0.3%CVE-2024-45699HIGHReflected XSS vulnerability in /zabbix.php?action=export.valuemapsEPSS 0.3%