Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

51 – 60 of 86 results


CVE-2019-17382

Negligible priority
Ignored

An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any...

1 affected packages

zabbix

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zabbix Not in release Not affected Not affected Not affected Not affected
Show less packages

CVE-2019-15132

Low priority

Some fixes available 4 of 7

Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the "Login name or password is incorrect" and...

1 affected packages

zabbix

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zabbix Not in release Not affected Fixed Fixed Fixed
Show less packages

CVE-2016-10742

Medium priority
Fixed

Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.

1 affected packages

zabbix

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zabbix Not affected Not affected Fixed Not affected
Show less packages

CVE-2017-2825

High priority

Some fixes available 2 of 4

In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a Man-in-the-Middle server to alter trapper requests...

1 affected packages

zabbix

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zabbix Not affected Not affected Not affected Fixed
Show less packages

CVE-2017-2826

Low priority
Vulnerable

An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy,...

1 affected packages

zabbix

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zabbix Not in release Not affected Not affected Not affected Vulnerable
Show less packages

CVE-2014-3005

Medium priority

Some fixes available 1 of 4

XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code...

1 affected packages

zabbix

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zabbix Not affected Not affected Not affected Not affected
Show less packages

CVE-2017-2824

High priority

Some fixes available 2 of 5

An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can...

1 affected packages

zabbix

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zabbix Not affected Not affected Not affected Fixed
Show less packages

CVE-2016-10134

Medium priority

Some fixes available 1 of 2

SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.

1 affected packages

zabbix

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zabbix Not affected Not affected Not affected Not affected
Show less packages

CVE-2016-4338

Medium priority

Some fixes available 1 of 6

The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, allows context-dependent attackers...

1 affected packages

zabbix

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zabbix Not affected Not affected Not affected Not affected
Show less packages

CVE-2014-1685

Medium priority
Ignored

The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote "Zabbix Admin" users to modify the media of arbitrary users via unspecified vectors.

1 affected packages

zabbix

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
zabbix Not affected
Show less packages