Lucene search
K

7 matches found

AstraLinux
AstraLinux
added 2025/02/11 7:35 a.m.4 views

Astra Linux – Vulnerability in Zabbix

A authenticated user with API access e.g., a user with the default User role can be added to any group e.g., Zabbix Administrators. Specifically, a user with access to the user.update API endpoint can be added to any group, except for groups that are disabled or have restricted GUI access...

8.8CVSS7.2AI score0.0073EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2024/11/27 7:15 a.m.4 views

CVE-2024-36467

An authenticated user with API access e.g.: user with default User role, more specifically a user with access to the user.update API endpoint is enough to be able to add themselves to any group e.g.: Zabbix Administrators, except to groups that are disabled or having restricted GUI access...

8.8CVSS7AI score0.0073EPSS
Exploits1References1
OSV
OSV
added 2024/11/27 7:15 a.m.3 views

DEBIAN-CVE-2024-36467

An authenticated user with API access e.g.: user with default User role, more specifically a user with access to the user.update API endpoint is enough to be able to add themselves to any group e.g.: Zabbix Administrators, except to groups that are disabled or having restricted GUI access...

8.8CVSS7.2AI score0.0073EPSS
Exploits1References1
OSV
OSV
added 2024/11/27 7:15 a.m.1 views

UBUNTU-CVE-2024-36467

An authenticated user with API access e.g.: user with default User role, more specifically a user with access to the user.update API endpoint is enough to be able to add themselves to any group e.g.: Zabbix Administrators, except to groups that are disabled or having restricted GUI access...

8.8CVSS5.8AI score0.0073EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2012/09/19 12:0 a.m.24 views

Debian: Security Advisory (DSA-2480-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS6.7AI score0.03101EPSS
Exploits0References3
Debian
Debian
added 2012/05/27 8:56 p.m.51 views

[BSA-071] Security Update for request-tracker4

Dominic Hargreaves uploaded new packages for request-tracker4 which fixed the following security problems: CVE-2011-2082 The vulnerable-passwords scripts introduced for CVE-2011-0009 failed to correct the password hashes of disabled users. CVE-2011-2083 Several cross-site scripting issues have be...

6.8CVSS7.8AI score0.03101EPSS
Exploits0
OSV
OSV
added 2012/05/24 12:0 a.m.21 views

DSA-2480-1 request-tracker3.8 - several

Bulletin has no description...

6.8CVSS6AI score0.03101EPSS
Exploits0
Rows per page
Query Builder