18 matches found
EUVD-2022-49551
Malicious code in bioql PyPI...
EUVD-2023-36948
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-27927
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpda...
The vulnerability of Zabbix’s Web interface, the UI of the IT infrastructure monitoring system, allows a perpetrator to trigger a service failure or compromise the integrity of Zabbix’s Web interface resources.
The vulnerability of Zabbix’s Web interface, the monitoring system for IT infrastructure, is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability allows a malicious actor to cause service failures or compromise the integrity of Zabbix’s Web...
CVE-2024-36469 User enumeration via timing attack in Zabbix web interface
Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one...
CVE-2024-36469
CVE-2024-36469 affects Zabbix across multiple distributions. The issue is described as a timing discrepancy: execution time for an unsuccessful login differs between non-existent vs. existing usernames. Connected advisories confirm affected packages and vendor-supplied patches: Debian LTS DLA-413...
CVE-2024-36469 User enumeration via timing attack in Zabbix web interface
Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one...
Linux Distros Unpatched Vulnerability : CVE-2023-32721
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL. CVE-2023-32721 Note that Nessus reli...
SUSE CVE-2023-32721
A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL...
Cross site scripting
A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL...
CVE-2023-32721
A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL...
CVE-2023-32721 Stored XSS in Maps element
A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL...
CVE-2022-46768
Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...
CVE-2022-46768 File name information disclosure vulnerability in Zabbix Web Service Report Generation
Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...
CVE-2022-46768
Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...
CVE-2022-46768
Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...
DEBIAN-CVE-2022-46768
Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...
Zabbix 输入验证错误漏洞
Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. Zabbix Web Service Report Generation has a security vulnerability that stems from its service does not properly validate URL parameters...