Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/295372?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/295372?format=api", "purl": "pkg:deb/debian/zabbix@1:1.1.4-10", "type": "deb", "namespace": "debian", "name": "zabbix", "version": "1:1.1.4-10", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "1:7.0.9+dfsg-1~bpo12+1", "latest_non_vulnerable_version": "1:7.0.9+dfsg-1~bpo12+1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107037?format=api", "vulnerability_id": "VCID-1b34-bndb-zub9", "summary": "zabbix_agentd in Zabbix before 1.8.6 and 1.9.x before 1.9.4 allows context-dependent attackers to cause a denial of service (CPU consumption) by executing the vfs.file.cksum command for a special device, as demonstrated by the /dev/urandom device.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3263", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00476", "scoring_system": "epss", "scoring_elements": "0.65236", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00476", "scoring_system": "epss", "scoring_elements": "0.65278", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3263" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3263", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3263" }, { "reference_url": "https://security.gentoo.org/glsa/201311-15", "reference_id": "GLSA-201311-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2011-3263" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1b34-bndb-zub9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107038?format=api", "vulnerability_id": "VCID-1du6-kdnf-fyb5", "summary": "Zabbix before 1.8.6 allows remote attackers to obtain sensitive information via an invalid srcfld2 parameter to popup.php, which reveals the installation path in an error message.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3264", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.64156", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00455", "scoring_system": "epss", "scoring_elements": "0.64201", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3264" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3264", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3264" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2011-3264" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1du6-kdnf-fyb5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107031?format=api", "vulnerability_id": "VCID-1s1b-qk2v-zkcd", "summary": "The zbx_get_next_field function in libs/zbxcommon/str.c in Zabbix Server before 1.6.8 allows remote attackers to cause a denial of service (crash) via a request that lacks expected separators, which triggers a NULL pointer dereference, as demonstrated using the Command keyword.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4501", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04567", "scoring_system": "epss", "scoring_elements": "0.89389", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04567", "scoring_system": "epss", "scoring_elements": "0.89407", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4501" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4501", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4501" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562613", "reference_id": "562613", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562613" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2009-4501" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1s1b-qk2v-zkcd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107138?format=api", "vulnerability_id": "VCID-21tq-54r3-cqec", "summary": "Zabbix server is vulnerable to a DoS vulnerability due to uncontrolled resource exhaustion. An attacker can send specially crafted requests to the server, which will cause the server to allocate an excessive amount of memory and perform CPU-intensive decompression operations, ultimately leading to a service crash.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45700", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0015", "scoring_system": "epss", "scoring_elements": "0.35378", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45700" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45700", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45700" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-26253", "reference_id": "ZBX-26253", "reference_type": "", "scores": [ { "value": "6", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-02T16:27:38Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-26253" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-45700" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-21tq-54r3-cqec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107101?format=api", "vulnerability_id": "VCID-2jas-5kc1-puat", "summary": "The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32722", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00357", "scoring_system": "epss", "scoring_elements": "0.58319", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32722" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32722", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32722" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877", "reference_id": "1053877", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-23390", "reference_id": "ZBX-23390", "reference_type": "", "scores": [ { "value": "9.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-18T15:26:49Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-23390" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2023-32722" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2jas-5kc1-puat" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107065?format=api", "vulnerability_id": "VCID-2vfp-e498-w7hk", "summary": "Zabbix through 4.4.0alpha1 allows User Enumeration. With login requests, it is possible to enumerate application usernames based on the variability of server responses (e.g., the \"Login name or password is incorrect\" and \"No permissions for system access\" messages, or just blocking for a number of seconds). This affects both api_jsonrpc.php and index.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66845", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00512", "scoring_system": "epss", "scoring_elements": "0.66885", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-15132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15132" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935027", "reference_id": "935027", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935027" }, { "reference_url": "https://usn.ubuntu.com/USN-4767-1/", "reference_id": "USN-USN-4767-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4767-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509864?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1" } ], "aliases": [ "CVE-2019-15132" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2vfp-e498-w7hk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107135?format=api", "vulnerability_id": "VCID-35gu-ctk8-2yd2", "summary": "The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42333", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00131", "scoring_system": "epss", "scoring_elements": "0.32278", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42333" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42333", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42333" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689", "reference_id": "1088689", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25629", "reference_id": "ZBX-25629", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:54:27Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25629" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-42333" ], "risk_score": 0.7, "exploitability": "0.5", "weighted_severity": "1.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-35gu-ctk8-2yd2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107097?format=api", "vulnerability_id": "VCID-3azv-fsyx-n3fz", "summary": "Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. When adding too many values in valstack JavaScript will crash. This issue occurs due to bug in Duktape 2.6 which is an 3rd-party solution that we use.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29458", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00137", "scoring_system": "epss", "scoring_elements": "0.33415", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29458" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29458", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29458" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22989", "reference_id": "ZBX-22989", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T16:19:37Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22989" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2023-29458" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3azv-fsyx-n3fz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107117?format=api", "vulnerability_id": "VCID-3stx-z7ze-wbe8", "summary": "The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords are displayed in plain text.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36460", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00446", "scoring_system": "epss", "scoring_elements": "0.63821", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36460" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36460", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36460" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553", "reference_id": "1078553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25017", "reference_id": "ZBX-25017", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-09T15:04:09Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25017" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-36460" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3stx-z7ze-wbe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107076?format=api", "vulnerability_id": "VCID-4c5a-bddp-pka5", "summary": "An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24917", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75753", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.7578", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24917" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24917", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24917" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" } ], "aliases": [ "CVE-2022-24917" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4c5a-bddp-pka5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107059?format=api", "vulnerability_id": "VCID-4ev6-fuzz-rfcs", "summary": "The mysql user parameter configuration script (userparameter_mysql.conf) in the agent in Zabbix before 2.0.18, 2.2.x before 2.2.13, and 3.0.x before 3.0.3, when used with a shell other than bash, allows context-dependent attackers to execute arbitrary code or SQL commands via the mysql.size parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4338", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.4496", "scoring_system": "epss", "scoring_elements": "0.97654", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.4496", "scoring_system": "epss", "scoring_elements": "0.97658", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-4338" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4338", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4338" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823329", "reference_id": "823329", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823329" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39769.txt", "reference_id": "CVE-2016-4338", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/39769.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201612-42", "reference_id": "GLSA-201612-42", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-42" }, { "reference_url": "https://usn.ubuntu.com/USN-4767-1/", "reference_id": "USN-USN-4767-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4767-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/517654?format=api", "purl": "pkg:deb/debian/zabbix@1:3.0.7%2Bdfsg-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:3.0.7%252Bdfsg-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-4338" ], "risk_score": 0.8, "exploitability": "2.0", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ev6-fuzz-rfcs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107049?format=api", "vulnerability_id": "VCID-52r6-1jr1-2feq", "summary": "Multiple SQL injection vulnerabilities in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.9rc1, and 2.1.x before 2.1.7.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5743", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.77788", "scoring_system": "epss", "scoring_elements": "0.99018", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.77788", "scoring_system": "epss", "scoring_elements": "0.99019", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5743" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5743", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5743" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/webapps/28972.rb", "reference_id": "CVE-2013-5743;OSVDB-98115", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/webapps/28972.rb" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2013-5743" ], "risk_score": 1.4, "exploitability": "2.0", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-52r6-1jr1-2feq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107098?format=api", "vulnerability_id": "VCID-5t3t-6uqs-akbk", "summary": "A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32721", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00715", "scoring_system": "epss", "scoring_elements": "0.72767", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32721" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32721", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32721" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877", "reference_id": "1053877", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2023-32721" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5t3t-6uqs-akbk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107051?format=api", "vulnerability_id": "VCID-5u6h-ypms-9kh6", "summary": "Zabbix before 5.0 represents passwords in the users table with unsalted MD5.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7484", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43689", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00212", "scoring_system": "epss", "scoring_elements": "0.43759", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-7484" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7484", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7484" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509864?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1" } ], "aliases": [ "CVE-2013-7484" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5u6h-ypms-9kh6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107072?format=api", "vulnerability_id": "VCID-5wgt-e67m-ffah", "summary": "During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23132", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.33974", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00141", "scoring_system": "epss", "scoring_elements": "0.34076", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23132" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23132", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23132" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" } ], "aliases": [ "CVE-2022-23132" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5wgt-e67m-ffah" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107036?format=api", "vulnerability_id": "VCID-6exg-t3xp-qqe2", "summary": "Cross-site scripting (XSS) vulnerability in acknow.php in Zabbix before 1.8.6 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2904", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00765", "scoring_system": "epss", "scoring_elements": "0.73796", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00765", "scoring_system": "epss", "scoring_elements": "0.73832", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-2904" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2904", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2904" }, { "reference_url": "https://security.gentoo.org/glsa/201311-15", "reference_id": "GLSA-201311-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2011-2904" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6exg-t3xp-qqe2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107027?format=api", "vulnerability_id": "VCID-6x1m-q4gr-2kb8", "summary": "The node_process_command function in Zabbix Server before 1.8 allows remote attackers to execute arbitrary commands via a crafted request.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4498", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.71776", "scoring_system": "epss", "scoring_elements": "0.98756", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4498" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4498", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4498" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562613", "reference_id": "562613", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562613" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/20796.rb", "reference_id": "CVE-2009-4498;OSVDB-60965", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/20796.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/10432.txt", "reference_id": "CVE-2009-4501;CVE-2009-4499;CVE-2009-4498;OSVDB-60968;OSVDB-60966;OSVDB-60965", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/10432.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2009-4498" ], "risk_score": 1.2, "exploitability": "2.0", "weighted_severity": "0.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6x1m-q4gr-2kb8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107132?format=api", "vulnerability_id": "VCID-75fb-vhhc-fbe8", "summary": "The HttpRequest object allows to get the HTTP headers from the server's response after sending the request. The problem is that the returned strings are created directly from the data returned by the server and are not correctly encoded for JavaScript. This allows to create internal strings that can be used to access hidden properties of objects.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42330", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0023", "scoring_system": "epss", "scoring_elements": "0.45951", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42330" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42330", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42330" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689", "reference_id": "1088689", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25626", "reference_id": "ZBX-25626", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:12:32Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25626" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-42330" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-75fb-vhhc-fbe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107103?format=api", "vulnerability_id": "VCID-8eb9-mxpg-5kf2", "summary": "Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32724", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0072", "scoring_system": "epss", "scoring_elements": "0.72887", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32724" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32724", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32724" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877", "reference_id": "1053877", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-23391", "reference_id": "ZBX-23391", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:43:17Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-23391" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2023-32724" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8eb9-mxpg-5kf2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107032?format=api", "vulnerability_id": "VCID-93tm-fkvp-1kba", "summary": "The NET_TCP_LISTEN function in net.c in Zabbix Agent before 1.6.7, when running on FreeBSD or Solaris, allows remote attackers to bypass the EnableRemoteCommands setting and execute arbitrary commands via shell metacharacters in the argument to net.tcp.listen. NOTE: this attack is limited to attacks from trusted IP addresses.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4502", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.64138", "scoring_system": "epss", "scoring_elements": "0.98454", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.64138", "scoring_system": "epss", "scoring_elements": "0.98456", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4502" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4502", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4502" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562613", "reference_id": "562613", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562613" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/freebsd/remote/16918.rb", "reference_id": "CVE-2009-4502;OSVDB-60956", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/freebsd/remote/16918.rb" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/10431.txt", "reference_id": "CVE-2009-4502;OSVDB-60956", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/10431.txt" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2009-4502" ], "risk_score": 1.2, "exploitability": "2.0", "weighted_severity": "0.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-93tm-fkvp-1kba" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107028?format=api", "vulnerability_id": "VCID-9s7r-kv5y-ska8", "summary": "SQL injection vulnerability in the get_history_lastid function in the nodewatcher component in Zabbix Server before 1.6.8 allows remote attackers to execute arbitrary SQL commands via a crafted request, possibly related to the send_history_last_id function in zabbix_server/trapper/nodehistory.c.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4499", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.4779", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00243", "scoring_system": "epss", "scoring_elements": "0.47853", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4499" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4499", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4499" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562613", "reference_id": "562613", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562613" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2009-4499" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9s7r-kv5y-ska8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107112?format=api", "vulnerability_id": "VCID-ambh-afzs-2kg9", "summary": "The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22119", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00423", "scoring_system": "epss", "scoring_elements": "0.62467", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22119" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22119", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22119" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00020.html", "reference_id": "msg00020.html", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T14:54:06Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00020.html" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-24070", "reference_id": "ZBX-24070", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-02-22T14:54:06Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-24070" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-22119" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ambh-afzs-2kg9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107116?format=api", "vulnerability_id": "VCID-beqm-vczf-dqgj", "summary": "Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbix_server will try to communicate with it as modem. As a result, log file will be broken with AT commands and small part for log file content will be leaked to UI.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22123", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00402", "scoring_system": "epss", "scoring_elements": "0.61169", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22123" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22123", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22123" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553", "reference_id": "1078553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25013", "reference_id": "ZBX-25013", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T14:40:56Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25013" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-22123" ], "risk_score": 0.7, "exploitability": "0.5", "weighted_severity": "1.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-beqm-vczf-dqgj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107075?format=api", "vulnerability_id": "VCID-bm7b-qurk-2qdk", "summary": "An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attack can be implemented with the help of social engineering and expiration of a number of factors - an attacker should have authorized access to the Zabbix Frontend and allowed network connection between a malicious server and victim’s computer, understand attacked infrastructure, be recognized by the victim as a trustee and use trusted communication channel.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24349", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.75232", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00849", "scoring_system": "epss", "scoring_elements": "0.75261", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24349" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24349", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24349" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" } ], "aliases": [ "CVE-2022-24349" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bm7b-qurk-2qdk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107033?format=api", "vulnerability_id": "VCID-bpv9-1cmc-kbc6", "summary": "SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 allows remote attackers to execute arbitrary SQL commands via the user parameter in JSON data to api_jsonrpc.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1277", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01516", "scoring_system": "epss", "scoring_elements": "0.8155", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01516", "scoring_system": "epss", "scoring_elements": "0.81579", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-1277" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1277", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1277" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577058", "reference_id": "577058", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=577058" }, { "reference_url": "https://security.gentoo.org/glsa/201311-15", "reference_id": "GLSA-201311-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2010-1277" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bpv9-1cmc-kbc6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107107?format=api", "vulnerability_id": "VCID-buz8-zycr-tbh2", "summary": "An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32727", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00464", "scoring_system": "epss", "scoring_elements": "0.64715", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32727" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32727", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32727" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-23857", "reference_id": "ZBX-23857", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-05-07T20:37:31Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-23857" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2023-32727" ], "risk_score": 1.7, "exploitability": "0.5", "weighted_severity": "3.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-buz8-zycr-tbh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107040?format=api", "vulnerability_id": "VCID-d559-8s22-gybe", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter (aka host groups name) to (1) hostgroups.php and (2) usergrps.php, the update action to (3) hosts.php and (4) scripts.php, and (5) maintenance.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4615", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.6815", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00545", "scoring_system": "epss", "scoring_elements": "0.6819", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4615" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4615", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4615" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652664", "reference_id": "652664", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652664" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2011-4615" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d559-8s22-gybe" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107046?format=api", "vulnerability_id": "VCID-d55m-pwq1-nqcc", "summary": "The user.login function in Zabbix before 1.8.16 and 2.x before 2.0.5rc1 allows remote attackers to override LDAP configuration via the cnf parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1364", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00441", "scoring_system": "epss", "scoring_elements": "0.63561", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00441", "scoring_system": "epss", "scoring_elements": "0.63603", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-1364" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1364", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1364" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698541", "reference_id": "698541", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=698541" }, { "reference_url": "https://security.gentoo.org/glsa/201311-15", "reference_id": "GLSA-201311-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2013-1364" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d55m-pwq1-nqcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107030?format=api", "vulnerability_id": "VCID-dvhf-ffyq-c7ej", "summary": "The process_trap function in trapper/trapper.c in Zabbix Server before 1.6.6 allows remote attackers to cause a denial of service (crash) via a crafted request with data that lacks an expected : (colon) separator, which triggers a NULL pointer dereference.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4500", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00734", "scoring_system": "epss", "scoring_elements": "0.73123", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00734", "scoring_system": "epss", "scoring_elements": "0.7316", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2009-4500" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4500", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4500" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562613", "reference_id": "562613", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=562613" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2009-4500" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dvhf-ffyq-c7ej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107034?format=api", "vulnerability_id": "VCID-ewgr-1z26-pfev", "summary": "Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery function in frontends/php/include/classes/class.curl.php in Zabbix before 1.8.3rc1 allow remote attackers to inject arbitrary web script or HTML via the (1) filter_set, (2) show_details, (3) filter_rst, or (4) txt_select parameters to the triggers page (tr_status.php). NOTE: some of these details are obtained from third party information.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2790", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.6358", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63623", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-2790" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2790", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2790" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594304", "reference_id": "594304", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=594304" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2010-2790" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ewgr-1z26-pfev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107094?format=api", "vulnerability_id": "VCID-fefk-6mjh-67fm", "summary": "Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29455", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01231", "scoring_system": "epss", "scoring_elements": "0.79538", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29455" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29455", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29455" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", "reference_id": "msg00027.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T21:06:45Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22986", "reference_id": "ZBX-22986", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T21:06:45Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22986" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2023-29455" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fefk-6mjh-67fm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107026?format=api", "vulnerability_id": "VCID-gct4-2z4m-kbe1", "summary": "zabbix_agentd in ZABBIX 1.4.4 allows remote attackers to cause a denial of service (CPU and connection consumption) via multiple vfs.file.cksum commands with a special device node such as /dev/urandom or /dev/zero.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1353.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-1353.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1353", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05858", "scoring_system": "epss", "scoring_elements": "0.90724", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05858", "scoring_system": "epss", "scoring_elements": "0.90736", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2008-1353" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1353", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1353" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=437848", "reference_id": "437848", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=437848" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471678", "reference_id": "471678", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471678" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/dos/31403.txt", "reference_id": "CVE-2008-1353;OSVDB-42944", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/unix/dos/31403.txt" }, { "reference_url": "https://www.securityfocus.com/bid/28244/info", "reference_id": "CVE-2008-1353;OSVDB-42944", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/28244/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295374?format=api", "purl": "pkg:deb/debian/zabbix@1:1.4.6-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b34-bndb-zub9" }, { "vulnerability": "VCID-1du6-kdnf-fyb5" }, { "vulnerability": "VCID-1s1b-qk2v-zkcd" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-52r6-1jr1-2feq" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-6exg-t3xp-qqe2" }, { "vulnerability": "VCID-6x1m-q4gr-2kb8" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-93tm-fkvp-1kba" }, { "vulnerability": "VCID-9s7r-kv5y-ska8" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-bpv9-1cmc-kbc6" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-d559-8s22-gybe" }, { "vulnerability": "VCID-d55m-pwq1-nqcc" }, { "vulnerability": "VCID-dvhf-ffyq-c7ej" }, { "vulnerability": "VCID-ewgr-1z26-pfev" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-gf1n-c45z-rye2" }, { "vulnerability": "VCID-gye4-mc6e-8uff" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h7n5-ykw5-n3hm" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hv42-ctsb-nkfb" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-km9b-ugb1-yucs" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-n3g7-yr8w-5fcf" }, { "vulnerability": "VCID-nan2-qhcz-xbc1" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-rkzq-f7dh-y7h7" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vn84-cpw4-33de" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wh67-jsgy-gbe8" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ye9q-8r9w-pudz" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:1.4.6-1" } ], "aliases": [ "CVE-2008-1353" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gct4-2z4m-kbe1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107078?format=api", "vulnerability_id": "VCID-gda8-xx5v-u7g2", "summary": "An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24918", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.7696", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0097", "scoring_system": "epss", "scoring_elements": "0.76993", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24918" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24918", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24918" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" } ], "aliases": [ "CVE-2022-24918" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gda8-xx5v-u7g2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107050?format=api", "vulnerability_id": "VCID-gf1n-c45z-rye2", "summary": "Zabbix before 1.8.19rc1, 2.0 before 2.0.10rc1, and 2.2 before 2.2.1rc1 allows remote Zabbix servers and proxies to execute arbitrary commands via a newline in a flexible user parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01469", "scoring_system": "epss", "scoring_elements": "0.81257", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01469", "scoring_system": "epss", "scoring_elements": "0.81285", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-6824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6824" }, { "reference_url": "https://security.gentoo.org/glsa/201401-26", "reference_id": "GLSA-201401-26", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201401-26" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2013-6824" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gf1n-c45z-rye2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107041?format=api", "vulnerability_id": "VCID-gye4-mc6e-8uff", "summary": "SQL injection vulnerability in popup.php in Zabbix 1.8.3 and 1.8.4, and possibly other versions before 1.8.9, allows remote attackers to execute arbitrary SQL commands via the only_hostid parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4674", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.58333", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00359", "scoring_system": "epss", "scoring_elements": "0.5838", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-4674" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4674", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4674" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651225", "reference_id": "651225", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651225" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/18155.txt", "reference_id": "CVE-2011-4674;OSVDB-77509", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/18155.txt" }, { "reference_url": "https://security.gentoo.org/glsa/201311-15", "reference_id": "GLSA-201311-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2011-4674" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-gye4-mc6e-8uff" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107096?format=api", "vulnerability_id": "VCID-h5fw-ktc6-rqd3", "summary": "Reflected XSS attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script can be activated through Action form fields, which can be sent as request to a website with a vulnerability that enables execution of malicious scripts.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29457", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00495", "scoring_system": "epss", "scoring_elements": "0.66151", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29457" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29457", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29457" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", "reference_id": "msg00027.html", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T21:06:43Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22988", "reference_id": "ZBX-22988", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T21:06:43Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22988" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2023-29457" ], "risk_score": 2.9, "exploitability": "0.5", "weighted_severity": "5.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h5fw-ktc6-rqd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107053?format=api", "vulnerability_id": "VCID-h7n5-ykw5-n3hm", "summary": "The Frontend in Zabbix before 1.8.20rc2, 2.0.x before 2.0.11rc2, and 2.2.x before 2.2.2rc1 allows remote \"Zabbix Admin\" users to modify the media of arbitrary users via unspecified vectors.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1685", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00394", "scoring_system": "epss", "scoring_elements": "0.60628", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00394", "scoring_system": "epss", "scoring_elements": "0.60677", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1685" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1685", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1685" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2014-1685" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h7n5-ykw5-n3hm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107063?format=api", "vulnerability_id": "VCID-h84c-eqxk-h7gb", "summary": "An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X. A specially crafted iConfig proxy request can cause the Zabbix server to send the configuration information of any Zabbix proxy, resulting in information disclosure. An attacker can make requests from an active Zabbix proxy to trigger this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2826", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49801", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00262", "scoring_system": "epss", "scoring_elements": "0.49863", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2826" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2826", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2826" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/517656?format=api", "purl": "pkg:deb/debian/zabbix@1:4.0.4%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:4.0.4%252Bdfsg-1" } ], "aliases": [ "CVE-2017-2826" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-h84c-eqxk-h7gb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107133?format=api", "vulnerability_id": "VCID-hhsz-ba47-zka4", "summary": "In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from the Duktape JavaScript engine. This heap pointer is subsequently utilized by the browser_push_error method in the src/libs/zbxembed/browser_error.c file. A use-after-free bug can occur at this stage if the wd->browser heap pointer is freed by garbage collection.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42331", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00045", "scoring_system": "epss", "scoring_elements": "0.14193", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42331" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42331", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42331" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689", "reference_id": "1088689", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25627", "reference_id": "ZBX-25627", "reference_type": "", "scores": [ { "value": "3.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:55:25Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25627" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-42331" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hhsz-ba47-zka4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107057?format=api", "vulnerability_id": "VCID-hngy-fhf8-8uhy", "summary": "SQL injection vulnerability in Zabbix before 2.2.14 and 3.0 before 3.0.4 allows remote attackers to execute arbitrary SQL commands via the toggle_ids array parameter in latest.php.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10134", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.86228", "scoring_system": "epss", "scoring_elements": "0.99416", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.86228", "scoring_system": "epss", "scoring_elements": "0.99418", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10134" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10134", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10134" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850936", "reference_id": "850936", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850936" }, { "reference_url": "https://usn.ubuntu.com/USN-4767-1/", "reference_id": "USN-USN-4767-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4767-1/" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-11023", "reference_id": "ZBX-11023", "reference_type": "", "scores": [], "url": "https://support.zabbix.com/browse/ZBX-11023" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295377?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.7%2Bdfsg-2%2Bdeb8u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.7%252Bdfsg-2%252Bdeb8u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/517654?format=api", "purl": "pkg:deb/debian/zabbix@1:3.0.7%2Bdfsg-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:3.0.7%252Bdfsg-1~bpo8%252B1" } ], "aliases": [ "CVE-2016-10134", "ZBX-11023" ], "risk_score": 1.6, "exploitability": "2.0", "weighted_severity": "0.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hngy-fhf8-8uhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107058?format=api", "vulnerability_id": "VCID-hq72-xktp-uuar", "summary": "Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10742", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00394", "scoring_system": "epss", "scoring_elements": "0.60644", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00394", "scoring_system": "epss", "scoring_elements": "0.60693", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-10742" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10742", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10742" }, { "reference_url": "https://usn.ubuntu.com/USN-4767-1/", "reference_id": "USN-USN-4767-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4767-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/517656?format=api", "purl": "pkg:deb/debian/zabbix@1:4.0.4%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:4.0.4%252Bdfsg-1" } ], "aliases": [ "CVE-2016-10742" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hq72-xktp-uuar" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107039?format=api", "vulnerability_id": "VCID-hv42-ctsb-nkfb", "summary": "popup.php in Zabbix before 1.8.7 allows remote attackers to read the contents of arbitrary database tables via a modified srctbl parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3265", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.67029", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00516", "scoring_system": "epss", "scoring_elements": "0.6707", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-3265" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3265", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3265" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2011-3265" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hv42-ctsb-nkfb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107056?format=api", "vulnerability_id": "VCID-hww9-78k3-xqac", "summary": "Multiple SQL injection vulnerabilities in chart_bar.php in the frontend in Zabbix before 1.8.22, 2.0.x before 2.0.14, and 2.2.x before 2.2.8 allow remote attackers to execute arbitrary SQL commands via the (1) itemid or (2) periods parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64301", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00458", "scoring_system": "epss", "scoring_elements": "0.64345", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-9450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9450" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774750", "reference_id": "774750", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774750" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295376?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.7%2Bdfsg-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.7%252Bdfsg-2" } ], "aliases": [ "CVE-2014-9450" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hww9-78k3-xqac" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107106?format=api", "vulnerability_id": "VCID-jate-jey2-n3g1", "summary": "The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32726", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32566", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32726" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32726", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32726" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2023-32726" ], "risk_score": 1.3, "exploitability": "0.5", "weighted_severity": "2.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jate-jey2-n3g1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107079?format=api", "vulnerability_id": "VCID-jcd1-hyep-c3h3", "summary": "An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24919", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.75753", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00882", "scoring_system": "epss", "scoring_elements": "0.7578", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-24919" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24919", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24919" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" } ], "aliases": [ "CVE-2022-24919" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jcd1-hyep-c3h3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107120?format=api", "vulnerability_id": "VCID-jkcz-zpks-ubgz", "summary": "The implementation of atob in \"Zabbix JS\" allows to create a string with arbitrary content and use it to access internal properties of objects.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36463", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00378", "scoring_system": "epss", "scoring_elements": "0.59676", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36463" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36463", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36463" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25611", "reference_id": "ZBX-25611", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T16:21:34Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25611" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-36463" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jkcz-zpks-ubgz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107124?format=api", "vulnerability_id": "VCID-jked-29nn-tqe3", "summary": "An authenticated user with API access (e.g.: user with default User role), more specifically a user with access to the user.update API endpoint is enough to be able to add themselves to any group (e.g.: Zabbix Administrators), except to groups that are disabled or having restricted GUI access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36467", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00608", "scoring_system": "epss", "scoring_elements": "0.70143", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36467" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36467", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36467" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689", "reference_id": "1088689", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25614", "reference_id": "ZBX-25614", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-12-04T04:55:25Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25614" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-36467" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jked-29nn-tqe3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107136?format=api", "vulnerability_id": "VCID-jx4z-thz3-rbdw", "summary": "The endpoint /zabbix.php?action=export.valuemaps suffers from a Cross-Site Scripting vulnerability via the backurl parameter. This is caused by the reflection of user-supplied data without appropriate HTML escaping or output encoding. As a result, a JavaScript payload may be injected into the above endpoint causing it to be executed within the context of the victim's browser.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45699", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00142", "scoring_system": "epss", "scoring_elements": "0.34152", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-45699" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45699", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45699" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-26254", "reference_id": "ZBX-26254", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T16:28:20Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-26254" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-45699" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jx4z-thz3-rbdw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107061?format=api", "vulnerability_id": "VCID-k2yk-am7q-kfa6", "summary": "In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. An attacker can set up a Man-in-the-Middle server to alter trapper requests made between an active Zabbix proxy and Server to trigger this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2825", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00626", "scoring_system": "epss", "scoring_elements": "0.70588", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00626", "scoring_system": "epss", "scoring_elements": "0.70631", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2825" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2825", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2825" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863584", "reference_id": "863584", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863584" }, { "reference_url": "https://usn.ubuntu.com/USN-4767-1/", "reference_id": "USN-USN-4767-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4767-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295377?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.7%2Bdfsg-2%2Bdeb8u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.7%252Bdfsg-2%252Bdeb8u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/517655?format=api", "purl": "pkg:deb/debian/zabbix@1:3.0.7%2Bdfsg-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:3.0.7%252Bdfsg-3" } ], "aliases": [ "CVE-2017-2825" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k2yk-am7q-kfa6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107141?format=api", "vulnerability_id": "VCID-k8pk-h464-kuek", "summary": "Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. In Zabbix 5.0 this allows for remote code execution.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27234", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00164", "scoring_system": "epss", "scoring_elements": "0.37262", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-27234" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27234", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-27234" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-26985", "reference_id": "ZBX-26985", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-12T15:16:38Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-26985" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" } ], "aliases": [ "CVE-2025-27234" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k8pk-h464-kuek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107048?format=api", "vulnerability_id": "VCID-km9b-ugb1-yucs", "summary": "Zabbix 2.0.5 allows remote authenticated users to discover the LDAP bind password by leveraging management-console access and reading the ldap_bind_password value in the HTML source code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5572", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.07821", "scoring_system": "epss", "scoring_elements": "0.92126", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.07821", "scoring_system": "epss", "scoring_elements": "0.92138", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-5572" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5572", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5572" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/36157.rb", "reference_id": "CVE-2013-5572;OSVDB-97811", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/36157.rb" }, { "reference_url": "https://security.gentoo.org/glsa/201311-15", "reference_id": "GLSA-201311-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-15" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2013-5572" ], "risk_score": 0.2, "exploitability": "2.0", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-km9b-ugb1-yucs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107095?format=api", "vulnerability_id": "VCID-mpy5-d7qa-u7fz", "summary": "URL validation scheme receives input from a user and then parses it to identify its various components. The validation scheme can ensure that all URL components comply with internet standards.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29456", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00155", "scoring_system": "epss", "scoring_elements": "0.35985", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29456" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", "reference_id": "msg00027.html", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T16:19:48Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22987", "reference_id": "ZBX-22987", "reference_type": "", "scores": [ { "value": "5.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T16:19:48Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22987" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2023-29456" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mpy5-d7qa-u7fz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107121?format=api", "vulnerability_id": "VCID-n38c-6usb-tkgq", "summary": "When exporting media types, the password is exported in the YAML in plain text. This appears to be a best practices type issue and may have no actual impact. The user would need to have permissions to access the media types and therefore would be expected to have access to these passwords.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36464", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00067", "scoring_system": "epss", "scoring_elements": "0.20955", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36464" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36464", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36464" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1090030", "reference_id": "1090030", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1090030" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25630", "reference_id": "ZBX-25630", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:27:15Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25630" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-36464" ], "risk_score": 0.7, "exploitability": "0.5", "weighted_severity": "1.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n38c-6usb-tkgq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107035?format=api", "vulnerability_id": "VCID-n3g7-yr8w-5fcf", "summary": "SQL injection vulnerability in events.php in Zabbix 1.8.1 and earlier allows remote attackers to execute arbitrary SQL commands via the nav_time parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2010-5049", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65754", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00487", "scoring_system": "epss", "scoring_elements": "0.65807", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2010-5049" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5049", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5049" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2010-5049" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-n3g7-yr8w-5fcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107047?format=api", "vulnerability_id": "VCID-nan2-qhcz-xbc1", "summary": "A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2013-3738", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.09146", "scoring_system": "epss", "scoring_elements": "0.92833", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.09146", "scoring_system": "epss", "scoring_elements": "0.92844", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2013-3738" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3738", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3738" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2013-3738" ], "risk_score": 0.1, "exploitability": "0.5", "weighted_severity": "0.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nan2-qhcz-xbc1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107110?format=api", "vulnerability_id": "VCID-pgj4-u64z-17bt", "summary": "An administrator with restricted permissions can exploit the script execution functionality within the Monitoring Hosts section. The lack of default escaping for script parameters enabled this user ability to execute arbitrary code via the Ping script, thereby compromising infrastructure.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22116", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00497", "scoring_system": "epss", "scoring_elements": "0.66247", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22116" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22116", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22116" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553", "reference_id": "1078553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25016", "reference_id": "ZBX-25016", "reference_type": "", "scores": [ { "value": "9.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-04T04:55:28Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25016" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-22116" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pgj4-u64z-17bt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107054?format=api", "vulnerability_id": "VCID-pz4p-6czt-akcb", "summary": "XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3005", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.89041", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04287", "scoring_system": "epss", "scoring_elements": "0.89058", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-3005" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3005", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3005" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751910", "reference_id": "751910", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751910" }, { "reference_url": "https://usn.ubuntu.com/USN-4767-1/", "reference_id": "USN-USN-4767-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4767-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295376?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.7%2Bdfsg-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.7%252Bdfsg-2" } ], "aliases": [ "CVE-2014-3005" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pz4p-6czt-akcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107052?format=api", "vulnerability_id": "VCID-rkzq-f7dh-y7h7", "summary": "The API in Zabbix before 1.8.20rc1, 2.0.x before 2.0.11rc1, and 2.2.x before 2.2.2rc1 allows remote authenticated users to spoof arbitrary users via the user name in a user.login request.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1682", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48758", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00252", "scoring_system": "epss", "scoring_elements": "0.48819", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2014-1682" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1682", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1682" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737818", "reference_id": "737818", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=737818" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2014-1682" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-rkzq-f7dh-y7h7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107081?format=api", "vulnerability_id": "VCID-s4mv-539d-33cm", "summary": "An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35230", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75619", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00874", "scoring_system": "epss", "scoring_elements": "0.75647", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35230" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35230" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014994", "reference_id": "1014994", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014994" }, { "reference_url": "https://usn.ubuntu.com/6751-1/", "reference_id": "USN-6751-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6751-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" } ], "aliases": [ "CVE-2022-35230" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s4mv-539d-33cm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107089?format=api", "vulnerability_id": "VCID-sc8u-4w9c-23ev", "summary": "JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user \"zabbix\") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29450", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00309", "scoring_system": "epss", "scoring_elements": "0.54388", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29450" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29450", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29450" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", "reference_id": "msg00027.html", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22588", "reference_id": "ZBX-22588", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-06T14:20:54Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22588" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2023-29450" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sc8u-4w9c-23ev" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107070?format=api", "vulnerability_id": "VCID-sjge-qncn-2ufr", "summary": "In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the CControllerAuthenticationUpdate controller lacks a CSRF protection mechanism. The code inside this controller calls diableSIDValidation inside the init() method. An attacker doesn't have to know Zabbix user login credentials, but has to know the correct Zabbix URL and contact information of an existing user with sufficient privileges.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27927", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24882", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00086", "scoring_system": "epss", "scoring_elements": "0.24977", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-27927" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27927", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-27927" }, { "reference_url": "https://security.archlinux.org/AVG-1771", "reference_id": "AVG-1771", "reference_type": "", "scores": [ { "value": "Medium", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-1771" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509864?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1" } ], "aliases": [ "CVE-2021-27927" ], "risk_score": 3.1, "exploitability": "0.5", "weighted_severity": "6.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sjge-qncn-2ufr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107109?format=api", "vulnerability_id": "VCID-t864-v2g6-jbhk", "summary": "User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22114", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.38855", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22114" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22114", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22114" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553", "reference_id": "1078553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25015", "reference_id": "ZBX-25015", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T12:39:48Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25015" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-22114" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t864-v2g6-jbhk" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107080?format=api", "vulnerability_id": "VCID-tt47-6swy-n3cw", "summary": "An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35229", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74554", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00808", "scoring_system": "epss", "scoring_elements": "0.74585", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-35229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35229" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014992", "reference_id": "1014992", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014992" }, { "reference_url": "https://usn.ubuntu.com/6751-1/", "reference_id": "USN-6751-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6751-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" } ], "aliases": [ "CVE-2022-35229" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tt47-6swy-n3cw" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107069?format=api", "vulnerability_id": "VCID-tt64-mrch-fbe4", "summary": "Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15803", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.05067", "scoring_system": "epss", "scoring_elements": "0.89957", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.05067", "scoring_system": "epss", "scoring_elements": "0.89972", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-15803" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15803", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15803" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966146", "reference_id": "966146", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966146" }, { "reference_url": "https://usn.ubuntu.com/USN-4767-1/", "reference_id": "USN-USN-4767-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4767-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509864?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1" } ], "aliases": [ "CVE-2020-15803" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-tt64-mrch-fbe4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107087?format=api", "vulnerability_id": "VCID-u4hp-dwsj-53b9", "summary": "JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles (Admin and Superadmin). Administrative privileges should be typically granted to users who need to perform tasks that require more control over the system. The security risk is limited because not all users have this level of access.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29449", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0086", "scoring_system": "epss", "scoring_elements": "0.75407", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29449" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29449", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29449" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22589", "reference_id": "ZBX-22589", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T16:25:49Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22589" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2023-29449" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-u4hp-dwsj-53b9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107118?format=api", "vulnerability_id": "VCID-ubyg-pbmy-ekds", "summary": "Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36461", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00725", "scoring_system": "epss", "scoring_elements": "0.72995", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36461" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36461", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36461" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553", "reference_id": "1078553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25018", "reference_id": "ZBX-25018", "reference_type": "", "scores": [ { "value": "9.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T15:21:52Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25018" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-36461" ], "risk_score": 2.2, "exploitability": "0.5", "weighted_severity": "4.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ubyg-pbmy-ekds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107102?format=api", "vulnerability_id": "VCID-uwcx-u9aa-jfa6", "summary": "Request to LDAP is sent before user permissions are checked.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32723", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00126", "scoring_system": "epss", "scoring_elements": "0.31409", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-32723" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32723", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32723" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877", "reference_id": "1053877", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053877" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00012.html", "reference_id": "msg00012.html", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:43:34Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00012.html" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-23230", "reference_id": "ZBX-23230", "reference_type": "", "scores": [ { "value": "8.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-17T13:43:34Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-23230" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509864?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1" } ], "aliases": [ "CVE-2023-32723" ], "risk_score": 3.9, "exploitability": "0.5", "weighted_severity": "7.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uwcx-u9aa-jfa6" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107067?format=api", "vulnerability_id": "VCID-vmfc-87jp-uub5", "summary": "An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17382", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.93689", "scoring_system": "epss", "scoring_elements": "0.99856", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.93689", "scoring_system": "epss", "scoring_elements": "0.99857", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-17382" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17382", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17382" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/509864?format=api", "purl": "pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1" } ], "aliases": [ "CVE-2019-17382" ], "risk_score": 1.6, "exploitability": "2.0", "weighted_severity": "0.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vmfc-87jp-uub5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107045?format=api", "vulnerability_id": "VCID-vn84-cpw4-33de", "summary": "libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6086", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.4115", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00194", "scoring_system": "epss", "scoring_elements": "0.41225", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-6086" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6086", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-6086" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697443", "reference_id": "697443", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697443" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2012-6086" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vn84-cpw4-33de" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107127?format=api", "vulnerability_id": "VCID-vuzz-by1n-aff9", "summary": "Zabbix API user.get returns all users that share common group with the calling user. This includes media and other information, such as login attempts, etc.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42325", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00053", "scoring_system": "epss", "scoring_elements": "0.17113", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42325" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42325", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42325" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-26258", "reference_id": "ZBX-26258", "reference_type": "", "scores": [ { "value": "2.1", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-02T14:48:54Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-26258" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-42325" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vuzz-by1n-aff9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107060?format=api", "vulnerability_id": "VCID-vy7n-a2u2-euad", "summary": "An exploitable code execution vulnerability exists in the trapper command functionality of Zabbix Server 2.4.X. A specially crafted set of packets can cause a command injection resulting in remote code execution. An attacker can make requests from an active Zabbix Proxy to trigger this vulnerability.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2824", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.73548", "scoring_system": "epss", "scoring_elements": "0.98826", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.73548", "scoring_system": "epss", "scoring_elements": "0.98827", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2017-2824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2824", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2824" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2825", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-2825" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863584", "reference_id": "863584", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863584" }, { "reference_url": "https://usn.ubuntu.com/USN-4767-1/", "reference_id": "USN-USN-4767-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4767-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295377?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.7%2Bdfsg-2%2Bdeb8u3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.7%252Bdfsg-2%252Bdeb8u3" }, { "url": "http://public2.vulnerablecode.io/api/packages/517655?format=api", "purl": "pkg:deb/debian/zabbix@1:3.0.7%2Bdfsg-3", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:3.0.7%252Bdfsg-3" } ], "aliases": [ "CVE-2017-2824" ], "risk_score": 0.3, "exploitability": "0.5", "weighted_severity": "0.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vy7n-a2u2-euad" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107126?format=api", "vulnerability_id": "VCID-w4dd-77t2-wuc7", "summary": "Execution time for an unsuccessful login differs when using a non-existing username compared to using an existing one.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36469", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00121", "scoring_system": "epss", "scoring_elements": "0.30688", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-36469" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36469", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-36469" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-26255", "reference_id": "ZBX-26255", "reference_type": "", "scores": [ { "value": "2.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-02T15:00:32Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-26255" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-36469" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-w4dd-77t2-wuc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107044?format=api", "vulnerability_id": "VCID-wh67-jsgy-gbe8", "summary": "SQL injection vulnerability in frontends/php/popup_bitem.php in Zabbix 1.8.15rc1 and earlier, and 2.x before 2.0.2rc1, allows remote attackers to execute arbitrary SQL commands via the itemid parameter.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3435", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.83128", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01799", "scoring_system": "epss", "scoring_elements": "0.83154", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2012-3435" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3435", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3435" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683273", "reference_id": "683273", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683273" }, { "reference_url": "https://security.gentoo.org/glsa/201311-15", "reference_id": "GLSA-201311-15", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201311-15" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/20087.py", "reference_id": "OSVDB-84127;CVE-2012-3435", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/20087.py" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2012-3435" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wh67-jsgy-gbe8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107115?format=api", "vulnerability_id": "VCID-wv5n-ccn5-fqc2", "summary": "Zabbix allows to configure SMS notifications. AT command injection occurs on \"Zabbix Server\" because there is no validation of \"Number\" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22122", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00438", "scoring_system": "epss", "scoring_elements": "0.63478", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22122" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22122", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22122" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553", "reference_id": "1078553", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25012", "reference_id": "ZBX-25012", "reference_type": "", "scores": [ { "value": "3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T14:46:40Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25012" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-22122" ], "risk_score": 0.8, "exploitability": "0.5", "weighted_severity": "1.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wv5n-ccn5-fqc2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107134?format=api", "vulnerability_id": "VCID-xaqm-x1w4-s3hn", "summary": "The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. This attack requires SNMP auth to be off and/or the attacker to know the community/auth details. The attack requires an SNMP item to be configured as text on the target host.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42332", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00841", "scoring_system": "epss", "scoring_elements": "0.75111", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-42332" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42332", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-42332" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689", "reference_id": "1088689", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25628", "reference_id": "ZBX-25628", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:54:59Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25628" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-42332" ], "risk_score": 0.9, "exploitability": "0.5", "weighted_severity": "1.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xaqm-x1w4-s3hn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107084?format=api", "vulnerability_id": "VCID-xbu8-2jvk-83gy", "summary": "Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. An attacker can bypass this protection and access the instance using IP address not listed in the defined range.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43515", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.33133", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00135", "scoring_system": "epss", "scoring_elements": "0.3303", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-43515" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43515", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-43515" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026847", "reference_id": "1026847", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026847" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", "reference_id": "msg00027.html", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T17:57:56Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22050", "reference_id": "ZBX-22050", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-22T17:57:56Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22050" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" } ], "aliases": [ "CVE-2022-43515" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xbu8-2jvk-83gy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107068?format=api", "vulnerability_id": "VCID-xgdb-wn8q-9bbz", "summary": "Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11800", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.47753", "scoring_system": "epss", "scoring_elements": "0.97765", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.47753", "scoring_system": "epss", "scoring_elements": "0.97768", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-11800" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11800", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-11800" }, { "reference_url": "https://usn.ubuntu.com/USN-4767-1/", "reference_id": "USN-USN-4767-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/USN-4767-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/517656?format=api", "purl": "pkg:deb/debian/zabbix@1:4.0.4%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:4.0.4%252Bdfsg-1" } ], "aliases": [ "CVE-2020-11800" ], "risk_score": 0.2, "exploitability": "0.5", "weighted_severity": "0.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xgdb-wn8q-9bbz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107073?format=api", "vulnerability_id": "VCID-xjrj-meu6-qkc8", "summary": "An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23133", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.76877", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00963", "scoring_system": "epss", "scoring_elements": "0.7691", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-23133" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23133", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23133" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" } ], "aliases": [ "CVE-2022-23133" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xjrj-meu6-qkc8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107093?format=api", "vulnerability_id": "VCID-xwr8-85au-ukd7", "summary": "Stored or persistent cross-site scripting (XSS) is a type of XSS where the attacker first sends the payload to the web application, then the application saves the payload (e.g., in a database or server-side text files), and finally, the application unintentionally executes the payload for every victim visiting its web pages.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29454", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00815", "scoring_system": "epss", "scoring_elements": "0.74676", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-29454" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29454", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29454" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175", "reference_id": "1055175", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html", "reference_id": "msg00027.html", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T21:06:47Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2023/08/msg00027.html" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-22985", "reference_id": "ZBX-22985", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-21T21:06:47Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-22985" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2023-29454" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-xwr8-85au-ukd7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107043?format=api", "vulnerability_id": "VCID-ye9q-8r9w-pudz", "summary": "Cross-site scripting (XSS) vulnerability in ZABBIX before 1.8.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the profiler.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2011-5027", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.6358", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00442", "scoring_system": "epss", "scoring_elements": "0.63623", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2011-5027" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5027", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5027" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652664", "reference_id": "652664", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652664" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295375?format=api", "purl": "pkg:deb/debian/zabbix@1:2.2.5%2Bdfsg-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:2.2.5%252Bdfsg-1~bpo70%252B1" } ], "aliases": [ "CVE-2011-5027" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ye9q-8r9w-pudz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107111?format=api", "vulnerability_id": "VCID-ytep-z8dn-vfh7", "summary": "When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding sysmapelementurlid + 1. This action prevents others from adding URLs to the map element.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22117", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18104", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-22117" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22117", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-22117" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "2.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://support.zabbix.com/browse/ZBX-25610", "reference_id": "ZBX-25610", "reference_type": "", "scores": [ { "value": "2.2", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-26T15:03:28Z/" } ], "url": "https://support.zabbix.com/browse/ZBX-25610" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/195441?format=api", "purl": "pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-18kh-njx3-p7aw" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-53f2-uzt4-pqgs" }, { "vulnerability": "VCID-547k-dyst-k3gx" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-7ajm-my3d-7fgy" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-8zqh-3xt2-nbdq" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bff2-nhum-ckhj" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-dr1v-72p6-2yhn" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-frdw-trch-uufq" }, { "vulnerability": "VCID-gapt-kwkw-kkek" }, { "vulnerability": "VCID-gj5s-dde8-1ubx" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-jy3a-zvh4-b3ag" }, { "vulnerability": "VCID-kfz9-wq8k-nkb3" }, { "vulnerability": "VCID-m5us-tmqh-wkbm" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-nv7m-hsr3-17gk" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pr1g-m4k2-1ue1" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tbsd-gk6n-9ygc" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-w384-t6ne-s3g7" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wurt-zx5x-8kds" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/195442?format=api", "purl": "pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1~bpo12%2B1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1~bpo12%252B1" } ], "aliases": [ "CVE-2024-22117" ], "risk_score": 0.7, "exploitability": "0.5", "weighted_severity": "1.4", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-ytep-z8dn-vfh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/107025?format=api", "vulnerability_id": "VCID-z61a-2c8g-xyar", "summary": "zabbix_agentd 1.1.4 in ZABBIX before 1.4.3 runs \"UserParameter\" scripts with gid 0, which might allow local users to gain privileges.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6210.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2007-6210.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6210", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34691", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00146", "scoring_system": "epss", "scoring_elements": "0.34788", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2007-6210" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6210", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6210" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=407181", "reference_id": "407181", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=407181" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=452682", "reference_id": "452682", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=452682" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/30839.c", "reference_id": "CVE-2007-6210;OSVDB-42480", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/local/30839.c" }, { "reference_url": "https://www.securityfocus.com/bid/26680/info", "reference_id": "CVE-2007-6210;OSVDB-42480", "reference_type": "exploit", "scores": [], "url": "https://www.securityfocus.com/bid/26680/info" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/295374?format=api", "purl": "pkg:deb/debian/zabbix@1:1.4.6-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1b34-bndb-zub9" }, { "vulnerability": "VCID-1du6-kdnf-fyb5" }, { "vulnerability": "VCID-1s1b-qk2v-zkcd" }, { "vulnerability": "VCID-21tq-54r3-cqec" }, { "vulnerability": "VCID-2jas-5kc1-puat" }, { "vulnerability": "VCID-2vfp-e498-w7hk" }, { "vulnerability": "VCID-35gu-ctk8-2yd2" }, { "vulnerability": "VCID-3azv-fsyx-n3fz" }, { "vulnerability": "VCID-3stx-z7ze-wbe8" }, { "vulnerability": "VCID-4c5a-bddp-pka5" }, { "vulnerability": "VCID-4ev6-fuzz-rfcs" }, { "vulnerability": "VCID-52r6-1jr1-2feq" }, { "vulnerability": "VCID-5t3t-6uqs-akbk" }, { "vulnerability": "VCID-5u6h-ypms-9kh6" }, { "vulnerability": "VCID-5wgt-e67m-ffah" }, { "vulnerability": "VCID-6exg-t3xp-qqe2" }, { "vulnerability": "VCID-6x1m-q4gr-2kb8" }, { "vulnerability": "VCID-75fb-vhhc-fbe8" }, { "vulnerability": "VCID-8eb9-mxpg-5kf2" }, { "vulnerability": "VCID-93tm-fkvp-1kba" }, { "vulnerability": "VCID-9s7r-kv5y-ska8" }, { "vulnerability": "VCID-ambh-afzs-2kg9" }, { "vulnerability": "VCID-beqm-vczf-dqgj" }, { "vulnerability": "VCID-bm7b-qurk-2qdk" }, { "vulnerability": "VCID-bpv9-1cmc-kbc6" }, { "vulnerability": "VCID-buz8-zycr-tbh2" }, { "vulnerability": "VCID-d559-8s22-gybe" }, { "vulnerability": "VCID-d55m-pwq1-nqcc" }, { "vulnerability": "VCID-dvhf-ffyq-c7ej" }, { "vulnerability": "VCID-ewgr-1z26-pfev" }, { "vulnerability": "VCID-fefk-6mjh-67fm" }, { "vulnerability": "VCID-gda8-xx5v-u7g2" }, { "vulnerability": "VCID-gf1n-c45z-rye2" }, { "vulnerability": "VCID-gye4-mc6e-8uff" }, { "vulnerability": "VCID-h5fw-ktc6-rqd3" }, { "vulnerability": "VCID-h7n5-ykw5-n3hm" }, { "vulnerability": "VCID-h84c-eqxk-h7gb" }, { "vulnerability": "VCID-hhsz-ba47-zka4" }, { "vulnerability": "VCID-hngy-fhf8-8uhy" }, { "vulnerability": "VCID-hq72-xktp-uuar" }, { "vulnerability": "VCID-hv42-ctsb-nkfb" }, { "vulnerability": "VCID-hww9-78k3-xqac" }, { "vulnerability": "VCID-jate-jey2-n3g1" }, { "vulnerability": "VCID-jcd1-hyep-c3h3" }, { "vulnerability": "VCID-jkcz-zpks-ubgz" }, { "vulnerability": "VCID-jked-29nn-tqe3" }, { "vulnerability": "VCID-jx4z-thz3-rbdw" }, { "vulnerability": "VCID-k2yk-am7q-kfa6" }, { "vulnerability": "VCID-k8pk-h464-kuek" }, { "vulnerability": "VCID-km9b-ugb1-yucs" }, { "vulnerability": "VCID-mpy5-d7qa-u7fz" }, { "vulnerability": "VCID-n38c-6usb-tkgq" }, { "vulnerability": "VCID-n3g7-yr8w-5fcf" }, { "vulnerability": "VCID-nan2-qhcz-xbc1" }, { "vulnerability": "VCID-pgj4-u64z-17bt" }, { "vulnerability": "VCID-pz4p-6czt-akcb" }, { "vulnerability": "VCID-rkzq-f7dh-y7h7" }, { "vulnerability": "VCID-s4mv-539d-33cm" }, { "vulnerability": "VCID-sc8u-4w9c-23ev" }, { "vulnerability": "VCID-sjge-qncn-2ufr" }, { "vulnerability": "VCID-t864-v2g6-jbhk" }, { "vulnerability": "VCID-tt47-6swy-n3cw" }, { "vulnerability": "VCID-tt64-mrch-fbe4" }, { "vulnerability": "VCID-u4hp-dwsj-53b9" }, { "vulnerability": "VCID-ubyg-pbmy-ekds" }, { "vulnerability": "VCID-uwcx-u9aa-jfa6" }, { "vulnerability": "VCID-vmfc-87jp-uub5" }, { "vulnerability": "VCID-vn84-cpw4-33de" }, { "vulnerability": "VCID-vuzz-by1n-aff9" }, { "vulnerability": "VCID-vy7n-a2u2-euad" }, { "vulnerability": "VCID-w4dd-77t2-wuc7" }, { "vulnerability": "VCID-wh67-jsgy-gbe8" }, { "vulnerability": "VCID-wv5n-ccn5-fqc2" }, { "vulnerability": "VCID-xaqm-x1w4-s3hn" }, { "vulnerability": "VCID-xbu8-2jvk-83gy" }, { "vulnerability": "VCID-xgdb-wn8q-9bbz" }, { "vulnerability": "VCID-xjrj-meu6-qkc8" }, { "vulnerability": "VCID-xwr8-85au-ukd7" }, { "vulnerability": "VCID-ye9q-8r9w-pudz" }, { "vulnerability": "VCID-ytep-z8dn-vfh7" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:1.4.6-1" } ], "aliases": [ "CVE-2007-6210" ], "risk_score": null, "exploitability": "2.0", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z61a-2c8g-xyar" } ], "fixing_vulnerabilities": [], "risk_score": "3.9", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:1.1.4-10" }