8 matches found
ROS-20260401-73-0048
Vulnerability in zabbix-lts related to a flaw in the authorization mechanism. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...
CVE-2026-23921
A low privilege Zabbix user with API access can exploit a blind SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL selects via the sortfield parameter. Although query results are not returned directly, an attacker can exfiltrate arbitrary database data...
UBUNTU-CVE-2026-23921
A low privilege Zabbix user with API access can exploit a blind SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL selects via the sortfield parameter. Although query results are not returned directly, an attacker can exfiltrate arbitrary database data...
UBUNTU-CVE-2025-27236
A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to...
ROS-20250326-08
A vulnerability in the snmptrapd daemon of the Zabbix universal monitoring system is related to improper processing of the output data for logs. Exploitation of the vulnerability could allow an attacker, acting remotely, to spoof the user interface Vulnerability of strbase64encoderfc2047 function...
The vulnerability of the atob method in the universal monitoring system Zabbix allows attackers to compromise the integrity of the protected information.
The vulnerability of the atob method in the Zabbix universal monitoring system is related to access to a critical private variable through a publicly accessible method. Exploiting this vulnerability allows an attacker to compromise the integrity of the protected information...
The vulnerability of the Zabbix universal monitoring system, related to the lack of measures taken to protect the website structure, allows attackers to gain access to confidential data and compromise its integrity.
The vulnerability of the Zabbix universal monitoring system is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability can allow a malicious actor to gain access to confidential data and compromise its integrity...
The vulnerability of the Zabbix universal monitoring system, related to the lack of measures taken to protect the website structure, allows attackers to compromise data integrity.
The vulnerability of the Zabbix universal monitoring system is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of the data...