38 matches found
Astra Linux - уязвимость в zabbix
JavaScript preprocessing can be exploited by attackers to gain access to the file system read-only access on behalf of the user “zabbix” on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...
CVE-2026-23919
A flaw was found in Zabbix Server and Proxy. This vulnerability arises from the system's reuse of JavaScript Duktape contexts, which are execution environments for JavaScript code. A regular Zabbix administrator, even without superuser privileges, can exploit this to access and leak sensitive dat...
DEBIAN-CVE-2026-23919
For performance reasons Zabbix Server/Proxy reuses JavaScript Duktape contexts used in script items, JavaScript reprocessing, Webhooks. This can lead to confidentiality loss where a regular non-super Zabbix administrator leaks data for hosts they do not have access to. A fix has been released tha...
CVE-2026-23919
For performance reasons Zabbix Server/Proxy reuses JavaScript Duktape contexts used in script items, JavaScript reprocessing, Webhooks. This can lead to confidentiality loss where a regular non-super Zabbix administrator leaks data for hosts they do not have access to. A fix has been released tha...
CVE-2026-23919 Insufficient isolation of JavaScript (Duktape) execution context on Zabbix Server
For performance reasons Zabbix Server/Proxy reuses JavaScript Duktape contexts used in script items, JavaScript reprocessing, Webhooks. This can lead to confidentiality loss where a regular non-super Zabbix administrator leaks data for hosts they do not have access to. A fix has been released tha...
EUVD-2023-33020
Malicious code in bioql PyPI...
Zabbix Proxy Installed (Linux)
Binary data zabbixproxynixinstalled.nbin...
CVE-2024-36468
CVE-2024-36468 describes a stack buffer overflow in the Zabbix server/proxy code, specifically in the function zbx_snmp_cache_handle_engineid . The issue arises when copying data from session->securityEngineID to local_record.engineid without proper bounds checking, enabling an out-of-bounds w...
SUSE CVE-2023-29451
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...
CVE-2023-29451
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...
CVE-2023-29451
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...
DEBIAN-CVE-2023-29451
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...
CVE-2023-29451
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...
CVE-2023-29451
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...
CVE-2023-29451 Denial of service caused by a bug in the JSON parser
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...
CVE-2023-29451 Denial of service caused by a bug in the JSON parser
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy...
DEBIAN-CVE-2023-29450
JavaScript pre-processing can be used by the attacker to gain access to the file system read-only access on behalf of user "zabbix" on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...
CVE-2023-29450
JavaScript pre-processing can be used by the attacker to gain access to the file system read-only access on behalf of user "zabbix" on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...
UBUNTU-CVE-2023-29450
JavaScript pre-processing can be used by the attacker to gain access to the file system read-only access on behalf of user "zabbix" on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data...
CVE-2023-29450
CVE-2023-29450 is a Zabbix vulnerability where JavaScript pre-processing can be used to gain read-only filesystem access on the Zabbix Server/Proxy on behalf of user “zabbix,” enabling potential exposure of sensitive data. Publicly documented variants in connected advisories (e.g., Debian DLA/DLA...