User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard.
CVSS Score
4.3
EPSS Score
0.001
Published
2024-08-12
The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section.
CVSS Score
5.5
EPSS Score
0.003
Published
2024-02-09
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation.
CVSS Score
9.1
EPSS Score
0.007
Published
2023-10-12
A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL.
CVSS Score
7.6
EPSS Score
0.007
Published
2023-10-12
Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy.
CVSS Score
4.7
EPSS Score
0.001
Published
2023-07-13
Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. When adding too many values in valstack JavaScript will crash. This issue occurs due to bug in Duktape 2.6 which is an 3rd-party solution that we use.
CVSS Score
5.9
EPSS Score
0.001
Published
2023-07-13
Page 2