ROS-20260216-73-0025

A vulnerability in the Zabbix IT infrastructure monitoring system is related to insufficient server-side request validation. Exploitation of the vulnerability could allow an attacker acting remotely to gain read access to the data...

ROS-20250616-22

A vulnerability in the Zabbix Universal Monitoring System server is related to excessive data output by an by the application. Exploitation of the vulnerability could allow a remote attacker to gain access to potentially sensitive information. to potentially sensitive information. A vulnerability...

ROS-20250616-23

The vulnerability of the Zabbix universal monitoring system web-integrity is related to the failure to take measures to protect the web page structure. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, conduct a cross-site scripting attack b...

ROS-20250616-24

The vulnerability of the Zabbix universal monitoring system web-integrity is related to the failure to take measures to protect the web page structure. the structure of the web page. Exploitation of the vulnerability could allow an attacker acting remotely, conduct a cross-site scripting attack b...

The vulnerability of the API component of the Zabbix monitoring system allows a hacker to disclose protected information.

The vulnerability of the API component of the Zabbix monitoring system is related to incorrect authentication. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information that should be protected...

The vulnerability of the server of the Zabbix universal monitoring system allows a intruder to trigger a service failure.

The vulnerability of the Zabbix universal monitoring system is related to the unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...

ROS-20250505-05

The vulnerability of the Zabbix universal monitoring system is related to insufficient cleansing of user data passed via the "groupBy" parameter in include/classes/api/CApiService.php. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary SQL queries in the database...

A Virtual Cybersecurity Department for Securing Digital Twins in Water Distribution Systems

Digital twins DTs help improve real-time monitoring and decision-making in water distribution systems. However, their connectivity makes them easy targets for cyberattacks such as scanning, denial-of-service DoS, and unauthorized access. Small and medium-sized enterprises SMEs that manage these...

[SECURITY] Fedora 40 Update: zabbix-6.0.39-1.fc40

Zabbix is software that monitors numerous parameters of a network and the health and integrity of servers. Zabbix uses a flexible notification mechanism that allows users to configure e-mail based alerts for virtually any event. This allows a fast reaction to server problems. Zabbix offers...

The vulnerability of the Zabbix universal monitoring system lies in insufficient validation of input data, which allows attackers to escalate their privileges.

The vulnerability of the Zabbix universal monitoring system is related to insufficient verification of input data. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

ROS-20241216-06

A vulnerability in the Single sign-on SSO authentication mechanism of the Zabbix universal monitoring system is related to authentication bypass via spoofing. Exploitation of the vulnerability could allow an attacker acting remotely to bypass existing security restrictions and elevate their...

ROS-20241212-04

Vulnerability of addRelatedObjects function of Zabbix universal monitoring system is related to failure to take measures to protect SQL query structure. to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker acting remotely to escalate his privileges by...

The vulnerability of the Duktape component in the Zabbix monitoring system, related to unvalidated array indexing, allows a intruder to trigger a service failure.

The vulnerability of the Duktape component in the Zabbix monitoring system is related to unvalidated array indexing. Exploiting this vulnerability could allow a malicious actor to cause service failures...

The vulnerability of the “Host Monitoring” component of the Zabbix monitoring system allows a attacker to execute arbitrary code.

The vulnerability of the “Host Monitoring” component in the Zabbix monitoring system is related to improper code generation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting it into the ping script...

The vulnerability of the agent in the Zabbix monitoring system arises from the incorrect assignment of permissions for critical resources, allowing a perpetrator to execute arbitrary code.

The vulnerability of the Zabbix universal monitoring agent is related to the incorrect assignment of permissions for critical resources. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary code...

The components of the Zabbix monitoring system are vulnerable. This universal monitoring system allows attackers to access confidential data and compromise its integrity.

The vulnerability of various components of the Zabbix monitoring system’s universal architecture is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data and compromise its integrity...

The vulnerability of the Zabbix universal monitoring system, related to the lack of measures taken to protect the website structure, allows attackers to compromise data integrity.

The vulnerability of the Zabbix universal monitoring system is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the data...

The vulnerability of the Zabbix universal monitoring system, related to the lack of measures taken to protect the website structure, allows attackers to gain access to confidential data and compromise its integrity.

The vulnerability of the Zabbix universal monitoring system is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data and compromise its integrity...

The vulnerability of the Zabbix universal monitoring system, related to incorrect authorization, allows a intruder to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Zabbix universal monitoring system is related to the improper implementation of IP address checking. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data, compromise its integrity, and even cause service failures...

The vulnerability of the Zabbix universal monitoring system, related to the lack of measures taken to protect the website structure, allows attackers to compromise data integrity.

The vulnerability of the Zabbix universal monitoring system is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the data...