Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-49551

Malicious code in bioql PyPI...

5.9CVSS5.8AI score0.47772EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-36948

Malicious code in bioql PyPI...

7.6CVSS6.4AI score0.00595EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2021-27927

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpda...

8.8CVSS7.9AI score0.01472EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/05/21 12:0 a.m.7 views

The vulnerability of Zabbix’s Web interface, the UI of the IT infrastructure monitoring system, allows a perpetrator to trigger a service failure or compromise the integrity of Zabbix’s Web interface resources.

The vulnerability of Zabbix’s Web interface, the monitoring system for IT infrastructure, is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability allows a malicious actor to cause service failures or compromise the integrity of Zabbix’s Web...

8.5CVSS5.6AI score
Exploits0Affected Software1
Vulnrichment
Vulnrichment
added 2025/04/02 6:11 a.m.11 views

CVE-2024-36469 User enumeration via timing attack in Zabbix web interface

Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one...

2.3CVSS7.3AI score0.00318EPSS
Exploits0References1
CVE
CVE
added 2025/04/02 6:11 a.m.1573 views

CVE-2024-36469

CVE-2024-36469 affects Zabbix across multiple distributions. The issue is described as a timing discrepancy: execution time for an unsuccessful login differs between non-existent vs. existing usernames. Connected advisories confirm affected packages and vendor-supplied patches: Debian LTS DLA-413...

3.1CVSS7.3AI score0.00318EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/04/02 6:11 a.m.21 views

CVE-2024-36469 User enumeration via timing attack in Zabbix web interface

Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one...

2.3CVSS0.00318EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2023-32721

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL. CVE-2023-32721 Note that Nessus reli...

7.6CVSS6.5AI score0.00595EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/10/14 1:13 a.m.2 views

SUSE CVE-2023-32721

A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL...

7.6CVSS6.2AI score0.00595EPSS
Exploits0References3
Prion
Prion
added 2023/10/12 7:15 a.m.25 views

Cross site scripting

A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL...

4.9CVSS5.1AI score0.00595EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2023/10/12 6:4 a.m.33 views

CVE-2023-32721

A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL...

7.6CVSS6.2AI score0.00595EPSS
Exploits0
Cvelist
Cvelist
added 2023/10/12 6:4 a.m.28 views

CVE-2023-32721 Stored XSS in Maps element

A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL...

7.6CVSS7.4AI score0.00595EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2022/12/19 10:0 a.m.31 views

CVE-2022-46768

Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...

5.9CVSS3.2AI score0.47772EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2022/12/19 10:0 a.m.3 views

CVE-2022-46768 File name information disclosure vulnerability in Zabbix Web Service Report Generation

Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...

5.9CVSS7.1AI score0.47772EPSS
Exploits0References1
NVD
NVD
added 2022/12/15 7:15 a.m.24 views

CVE-2022-46768

Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...

5.9CVSS0.47772EPSS
Exploits0References1
OSV
OSV
added 2022/12/15 7:15 a.m.6 views

CVE-2022-46768

Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...

5.9CVSS6.7AI score
Exploits0References1
OSV
OSV
added 2022/12/15 7:15 a.m.2 views

DEBIAN-CVE-2022-46768

Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files...

5.9CVSS6AI score0.47772EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/12/15 12:0 a.m.3 views

Zabbix 输入验证错误漏洞

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. Zabbix Web Service Report Generation has a security vulnerability that stems from its service does not properly validate URL parameters...

5.9CVSS6.1AI score0.47772EPSS
Exploits0References2
Rows per page
Query Builder