VYPR

Zabbix

by Zabbix

CVEs (118)

  • CVE-2013-5572 (Oct 1, 2013)
    risk 0.03 cvss | epss 0.04

    Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldap_bind_password value in the HTML source code.

  • CVE-2012-3435 (Aug 15, 2012)
    risk 0.03 cvss | epss 0.04

    SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix 1.8.15rc1 and earlier, and 2.x before 2.0.2rc1, allows remote attackers to execute arbitrary SQL commands via the itemid parameter.

  • CVE-2011-4674 (Dec 2, 2011)
    risk 0.03 cvss | epss 0.03

    SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the only_hostid parameter.

  • CVE-2009-4499 (Dec 31, 2009)
    risk 0.03 cvss | epss 0.02

    SQL injection vulnerability in the get_history_lastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted request, possibly related to the send_history_last_id function in…

  • CVE-2008-1353 (Mar 17, 2008)
    risk 0.03 cvss | epss 0.06

    zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.

  • CVE-2007-6210 (Dec 4, 2007)
    risk 0.03 cvss | epss 0.01

    zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs "UserParameter" scripts with gid 0, which might allow local users to gain privileges.

  • CVE-2013-3738 (Feb 17, 2020)
    risk 0.01 cvss | epss 0.03

    A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code.

  • CVE-2026-23924 (Mar 24, 2026)
    risk 0.00 cvss | epss 0.00

    Zabbix Agent 2 Docker plugin does not properly sanitize the 'docker.container_info' parameters when forwarding them to the Docker daemon. An attacker capable of invoking Agent 2 can read arbitrary files from running Docker containers by injecting them via the Docker archive API.

  • CVE-2026-23923 (Mar 24, 2026)
    risk 0.00 cvss | epss 0.00

    An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. The impact depends on environment setup but appears limited at this time.

  • CVE-2026-23921 (Mar 24, 2026)
    risk 0.00 cvss | epss 0.00

    A low privilege Zabbix user with API access can exploit a blind SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL selects via the sortfield parameter. Although query results are not returned directly, an attacker can exfiltrate arbitrary…

  • CVE-2026-23920 (Mar 24, 2026)
    risk 0.00 cvss | epss 0.00

    Host and event action script input is validated with a regex (set by the administrator), but the validation runs in multiline mode. If ^ and $ anchors are used in user input validation, an injected newline lets authenticated users bypass the check and inject shell commands.

  • CVE-2026-23919 (Mar 24, 2026)
    risk 0.00 cvss | epss 0.00

    For performance reasons Zabbix Server/Proxy reuses JavaScript (Duktape) contexts (used in script items, JavaScript reprocessing, Webhooks). This can lead to confidentiality loss where a regular (non-super) Zabbix administrator leaks data for hosts they do not have access to. A…

  • CVE-2025-49643 (Dec 1, 2025)
    risk 0.00 cvss | epss 0.00

    An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service.

  • CVE-2025-27232 (Dec 1, 2025)
    risk 0.00 cvss | epss 0.00

    An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary files from the webserver leading to potential confidentiality loss.

  • CVE-2025-49641 (Oct 3, 2025)
    risk 0.00 cvss | epss 0.00

    A regular Zabbix user with no permission to the Monitoring -> Problems view is still able to call the problem.view.refresh action and therefore still retrieve a list of active problems.

  • CVE-2025-27236 (Oct 3, 2025)
    risk 0.00 cvss | epss 0.00

    A regular Zabbix user can search other users in their user group via Zabbix API by select fields the user does not have access to view. This allows data-mining some field values the user does not have access to.

  • CVE-2025-27231 (Oct 3, 2025)
    risk 0.00 cvss | epss 0.00

    The LDAP 'Bind password' value cannot be read after saving, but a Super Admin account can leak it by changing LDAP 'Host' to a rogue LDAP server. To mitigate this, the 'Bind password' value is now reset on 'Host' change.

  • CVE-2025-27240 (Sep 12, 2025)
    risk 0.00 cvss | epss 0.01

    A Zabbix administrator can inject arbitrary SQL during the autoremoval of hosts by inserting malicious SQL in the 'Visible name' field.

  • CVE-2025-27238 (Sep 12, 2025)
    risk 0.00 cvss | epss 0.00

    Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them.

  • CVE-2024-45700 (Apr 2, 2025)
    risk 0.00 cvss | epss 0.00

    Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. An attacker can send specially crafted requests to the server, which will cause the server to allocate an excessive amount of memory and perform CPU-intensive decompression operations,…

Page 2 of 6