• <nav id="0m0e8"><code id="0m0e8"></code></nav>
    <xmp id="0m0e8"><menu id="0m0e8"></menu>
  • <nav id="0m0e8"><code id="0m0e8"></code></nav>
  • <input id="0m0e8"><tt id="0m0e8"></tt></input>

    Zabbix Security Advisories and CVE database

    How to report a security issue?
    Zabbix ID CVE number CVSS score Zabbix ? severity Synopsis Component/s Affected version/s Published
    ZBV-2023-09-20-1 CVE-2023-29453 9.8 Critical Agent 2 package are built with Go version affected by CVE-2023-24538 Agent2 5.0.0-5.0.34
    6.0.0-6.0.17
    6.4.0-6.4.2
    2023 Oct 12
    ZBV-2023-09-20-2 CVE-2023-32721 7.6 High Stored XSS in Maps element API,
    Frontend
    4.0.0-4.0.47
    5.0.0-5.0.36
    6.0.0-6.0.20
    6.4.0-6.4.5
    7.0.0alpha1-7.0.0alpha3
    2023 Oct 12
    ZBV-2023-09-20-3 CVE-2023-32722 9.6 Critical Stack-buffer Overflow in library module zbxjson Agent,
    Proxy,
    Server
    6.0.0-6.0.20
    6.4.0-6.4.5
    7.0.0alpha1-7.0.0alpha3
    2023 Oct 12
    ZBV-2023-09-20-4 CVE-2023-32723 8.5 High Inefficient permission check in class CControllerAuthenticationUpdate Frontend 4.0.0-4.0.19rc1
    4.4.0-4.4.7rc1
    5.0.0alpha1-5.0.0alpha3
    2023 Oct 12
    ZBV-2023-09-20-5 CVE-2023-32724 9.1 Critical JS engine memory pointers are directly available for Zabbix users for modification Proxy,
    Server
    5.0.0-5.0.36
    6.0.0-6.0.20
    6.4.0-6.4.5
    7.0.0alpha1-7.0.0alpha3
    2023 Oct 12
    ZBV-2023-07-27-9 CVE-2023-29458 5.9 Medium Duktape 2.6 bug crashes JavaScript putting too many values in valstack. Server,
    Proxy
    5.0.0-5.0.34
    6.0.0-6.0.17
    6.4.0-6.4.2
    7.0.0alpha1
    2023 Jun 16
    ZBV-2023-07-27-8 CVE-2023-29457 6.3 Medium Insufficient validation of Action form input fields Frontend 4.0.0-4.0.45
    5.0.0-5.0.34
    6.0.0-6.0.17
    2023 Jun 16
    ZBV-2023-07-27-7 CVE-2023-29456 5.7 Medium Inefficient URL schema validation Frontend 4.0.0-4.0.46
    5.0.0-5.0.35
    6.0.0-6.0.18
    6.4.0-6.4.3
    7.0.0alpha1
    2023 Jun 16
    ZBV-2023-07-27-6 CVE-2023-29455 5.4 Medium Reflected XSS in several fields of graph form Frontend 4.0.0–4.0.45
    5.0.0–5.0.33
    2023 Jun 16
    ZBV-2023-07-27-5 CVE-2023-29454 5.4 Medium Persistent XSS in the user form Frontend 4.0.0-4.0.45
    5.0.0-5.0.33
    6.0.0-6.0.16
    2023 Jun 16
    ZBV-2023-07-27-4 CVE-2023-29452 5.5 Medium Remove possibility to add html into Geomap attribution field Frontend 6.0.0-6.0.17
    6.4.0-6.4.2
    7.0.0-7.0.0alpha1
    2023 Jun 16
    ZBV-2023-07-27-3 CVE-2023-29451 4.7 Medium Denial of service caused by a bug in the JSON parser Server,
    Proxy
    6.0-6.0.14
    6.2-6.2.8
    6.4-6.4.0
    7.0.0alpha1
    2023 Mar 10
    ZBV-2023-07-27-2 CVE-2023-29450 8.5 High Unauthorized limited filesystem access from preprocessing Server,
    Proxy
    5.0-5.0.31
    6.0-6.0.13
    6.2-6.2.7
    6.4-6.4.0rc1
    2023 Feb 23
    ZBV-2023-07-27-1 CVE-2023-29449 5.9 Medium Limited control of resource utilization in JS preprocessing Server,
    Proxy
    4.4.4-4.4.*
    5.0.0alpha1-5.0.31
    5.2.0alpha1-5.2.*
    5.4.0alpha1-5.4.*
    6.0.0alpha1-6.0.13
    6.2.0alpha1-6.2.7
    6.4.0alpha1-6.4.0beta6
    2023 Jan 06
    ZBV-2022-12-1 CVE-2022-43516 6.5 Medium Zabbix Agent installer adds “allow all TCP any any” firewall rule Agent,
    Agent2
    MSI pkg. (29.oct.22 - 2.dec.22)
    2022 Nov 30
    ZBA-2022-10-1 - - High Some Zabbix products are affected by CVE-2022-3786 and CVE-2022-3602 vulnerabilities in OpenSSL Agent,
    Containers,
    Packages
    <=v6.0.8 (Solaris)
    all versions <=31/Oct/2022
    2022 Oct 31
    ZBV-2022-10-1 CVE-2022-43515 5.3 Medium X-Forwarded-For header is active by default causes access to Zabbix sites in maintenance mode Frontend 4.0.0-4.0.44
    5.0.0-5.0.29
    6.0.0-6.0.9
    6.2.0-6.2.4
    2022 Oct 18
    ZBV-2022-09-1 CVE-2022-46768 5.9 Medium File name information disclosure vulnerability in Zabbix Web Service Report Generation Report generation 6.0.0-6.0.11
    6.2.0-6.2.5
    2022 Sep 21
    ZBA-2022-07-1 - - - Zabbix products are not affected by CVE-2022-2068 vulnerability in OpenSSL - -
    2022 Jul 26
    ZBV-2022-07-1 CVE-2022-40626 4.8 Medium Reflected XSS in action configuration window of Zabbix Frontend Frontend 6.0.0-6.0.6
    6.2.0
    2022 Jul 08
    ZBV-2022-04-1 CVE-2022-35229 3.7 Low Reflected XSS in discovery page of Zabbix Frontend Frontend =>4.0.0
    5.0.0-5.0.24
    6.0.0-6.0.4
    6.2alpha1-6.2beta3
    2022 Apr 27
    ZBV-2022-04-2 CVE-2022-35230 3.7 Low Reflected XSS in graphs page of Zabbix Frontend Frontend =>4.0.23rc1
    5.0.0-5.0.24
    2022 Apr 27
    ZBA-2022-04-1 - - - Zabbix products are not affected by vulnerabilities in Spring Framework (CVE-2022-22965 - Spring4Shell) and Spring Cloud Function (CVE-2022-22963) - -
    2022 Apr 04
    ZBA-2022-03-1 - - - Zabbix products are not affected by CVE-2018-25032 vulnerability in zlib 1.2.11 - -
    2022 Mar 28
    ZBV-2022-01-2 CVE-2022-24917 3.7 Low Reflected XSS in service configuration window of Zabbix Frontend Frontend 4.0.0-4.0.38
    5.0.0-5.0.20
    5.4.0-5.4.10
    2022 Feb 02
    ZBV-2022-01-3 CVE-2022-24918 3.7 Low Reflected XSS in item configuration window of Zabbix Frontend Frontend 5.0.0-5.0.20
    5.4.0-5.4.10
    6.0
    2022 Feb 02
    ZBV-2022-01-1 CVE-2022-24349 4.6 Medium Reflected XSS in action configuration window of Zabbix Frontend Frontend 4.0.0-4.0.38
    5.0.0-5.0.20
    5.4.0-5.4
    6.0
    2022 Feb 01
    ZBV-2022-01-4 CVE-2022-24919 3.7 Low Reflected XSS in graph configuration window of Zabbix Frontend Frontend 4.0.0-4.0.38
    5.0.0-5.0.20
    5.4.0-5.4.10
    6.0
    2022 Feb 01
    ZBV-2021-12-2 CVE-2022-23134 3.7 Low Possible view of the setup pages by unauthenticated users if config file already exists Frontend 5.4.0 - 5.4.8
    6.0.0 - 6.0.0beta1
    2021 Dec 20
    ZBA-2021-12-4 - - Medium Possible remote code execution in Zabbix Java Gateway with logback 1.2.7 and prior versions Java gateway 2.0-2.X
    3.0-3.X
    4.0.0 - 4.0.36
    5.0.18
    5.4.0 -5.4.8
    6.0.0alpha1-6.0.0beta1
    2021 Dec 16
    ZBV-2021-12-3 CVE-2022-23133 6.3 Medium Stored XSS in host groups configuration window in Zabbix Frontend Frontend 5.0.0 – 5.0.18
    5.4.0 – 5.4.8
    6.0.0alpha1
    2021 Dec 08
    ZBV-2021-12-5 CVE-2022-23132 3.3 Low Incorrect permissions of [/var/run/zabbix] forces dac_override Proxy,
    Server
    4.0.0 - 4.0.36
    5.0.18
    5.4.0 – 5.4.8
    6.0.0alpha1-6.0.0alpha7
    2021 Dec 01
    ZBV-2021-11-1 CVE-2022-23131 9.1 Critical Unsafe client-side session storage leading to authentication bypass/instance takeover via Zabbix Frontend with configured SAML Frontend 5.4.0 - 5.4.8
    6.0.0alpha1
    2021 Nov 22

    Whole history of vulnerabilities

    国产精品一区二区久久宅男宅女,国产白浆喷水在线视频,国产麻豆高潮流白浆喷水免费视频,在线国产亚洲欧美色图
    <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <蜘蛛词>| <文本链> <文本链> <文本链> <文本链> <文本链> <文本链>