Lucene search
K

10 matches found

OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.36 views

Ubuntu: Security Advisory (USN-4767-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.83284EPSS
Exploits40References2
Ubuntu
Ubuntu
added 2022/06/15 8:28 a.m.273 views

USN-4767-1: Zabbix vulnerabilities

Fu Chuang discovered that Zabbix did not properly parse IPs. A remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2020-11800 It was discovered that Zabbix incorrectly handled certain...

9.8CVSS7.7AI score0.83284EPSS
Exploits40
UbuntuCve
UbuntuCve
added 2018/02/01 5:29 p.m.41 views

CVE-2014-3005

XML external entity XXE vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request...

9.8CVSS7.4AI score0.05303EPSS
Exploits1References3
OSV
OSV
added 2018/02/01 5:29 p.m.5 views

CVE-2014-3005

XML external entity XXE vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request...

9.8CVSS9.5AI score
Exploits0References12
CVE
CVE
added 2018/02/01 5:0 p.m.94 views

CVE-2014-3005

CVE-2014-3005 is an XXE vulnerability in Zabbix across multiple branches: 1.8.x < 1.8.21rc1, 2.0.x < 2.0.13rc1, 2.2.x < 2.2.5rc1, and 2.3.x

9.8CVSS9.3AI score0.05303EPSS
Exploits1References7Affected Software1
Debian CVE
Debian CVE
added 2018/02/01 5:0 p.m.28 views

CVE-2014-3005

XML external entity XXE vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request...

9.8CVSS6.9AI score0.05303EPSS
Exploits1
Mageia
Mageia
added 2014/10/29 11:30 a.m.44 views

Updated zabbix package fixes security vulnerability

It was reported that the Zabbix frontend supported an XML data import feature, where on the server it used DOMDocument to parse the XML. By default, DOMDocument also parses the external DTD, which could allow a remote attacker to use a crafted XML file causing Zabbix to read an arbitrary local...

9.8CVSS8.8AI score0.05303EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2014/07/01 12:0 a.m.28 views

Fedora 20 : zabbix-2.0.12-3.fc20 (2014-7594)

Patch CVE-2014-3005 local file inclusion via XXE attack https://support.zabbix.com/browse/ZBX-8151 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

9.8CVSS8.2AI score0.05303EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2014/07/01 12:0 a.m.28 views

Fedora Update for zabbix FEDORA-2014-7594

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.05303EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2014/07/01 12:0 a.m.29 views

Fedora Update for zabbix FEDORA-2014-7603

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.79988EPSS
Exploits11References2
Rows per page
Query Builder