Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/zabbix@0?distro=trixie

Type deb

Namespace debian

Name zabbix

Version 0

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version 1:1.1.2-4

Latest_non_vulnerable_version 1:7.0.22+dfsg-1

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-32c6-6w9k-k3c1

vulnerability_id VCID-32c6-6w9k-k3c1

summary When the webdriver for the Browser object downloads data from a HTTP server, the data pointer is set to NULL and is allocated only in curl_write_cb when receiving data. If the server's response is an empty document, then wd->data in the code below will remain NULL and an attempt to read from it will result in a crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-42328

reference_id

reference_type

scores

value	0.00045
scoring_system	epss
scoring_elements	0.13646
published_at	2026-04-18T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13789
published_at	2026-04-12T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.1374
published_at	2026-04-13T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13649
published_at	2026-04-16T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13865
published_at	2026-04-02T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13922
published_at	2026-04-04T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13724
published_at	2026-04-07T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13806
published_at	2026-04-08T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13857
published_at	2026-04-09T12:55:00Z

value	0.00045
scoring_system	epss
scoring_elements	0.13825
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-42328

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1090029
reference_id	1090029
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1090029

reference_url

https://support.zabbix.com/browse/ZBX-25624

reference_id

ZBX-25624

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:56:07Z/

url

https://support.zabbix.com/browse/ZBX-25624

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2024-42328

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-32c6-6w9k-k3c1

url VCID-3ha2-her6-jkfe

vulnerability_id VCID-3ha2-her6-jkfe

summary An unauthenticated attacker can exploit the Frontend 'validate' action to blindly instantiate arbitrary PHP classes. The impact depends on environment setup but appears limited at this time.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2026-23923

reference_id

reference_type

scores

value	0.00073
scoring_system	epss
scoring_elements	0.22097
published_at	2026-04-18T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22217
published_at	2026-04-02T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22164
published_at	2026-04-12T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22104
published_at	2026-04-13T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22103
published_at	2026-04-16T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22264
published_at	2026-04-04T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22048
published_at	2026-04-07T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22128
published_at	2026-04-08T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22183
published_at	2026-04-09T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22204
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2026-23923

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://support.zabbix.com/browse/ZBX-27641

reference_id

ZBX-27641

reference_type

scores

value	6.9
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2026-03-25T19:24:53Z/

url

https://support.zabbix.com/browse/ZBX-27641

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2026-23923

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3ha2-her6-jkfe

url VCID-5t3e-bfve-d3he

vulnerability_id VCID-5t3e-bfve-d3he

summary The Zabbix Agent 2 item key smart.disk.get does not sanitize its parameters before passing them to a shell command resulting possible vulnerability for remote code execution.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-32728

reference_id

reference_type

scores

value	0.00536
scoring_system	epss
scoring_elements	0.67509
published_at	2026-04-18T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67419
published_at	2026-04-02T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67495
published_at	2026-04-12T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67461
published_at	2026-04-13T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67497
published_at	2026-04-16T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67441
published_at	2026-04-04T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.6742
published_at	2026-04-07T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67471
published_at	2026-04-08T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67485
published_at	2026-04-09T12:55:00Z

value	0.00536
scoring_system	epss
scoring_elements	0.67508
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-32728

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://support.zabbix.com/browse/ZBX-23858

reference_id

ZBX-23858

reference_type

scores

value	4.6
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T20:43:15Z/

url

https://support.zabbix.com/browse/ZBX-23858

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.24%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.24%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.24%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2023-32728

risk_score 1.1

exploitability 0.5

weighted_severity 2.3

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5t3e-bfve-d3he

url VCID-76qf-8jm4-8kct

vulnerability_id VCID-76qf-8jm4-8kct

summary Zabbix server can perform command execution for configured scripts. After command is executed, audit entry is added to "Audit Log". Due to "clientip" field is not sanitized, it is possible to injection SQL into "clientip" and exploit time based blind SQL injection.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-22120

reference_id

reference_type

scores

value	0.92259
scoring_system	epss
scoring_elements	0.99716
published_at	2026-04-02T12:55:00Z

value	0.92259
scoring_system	epss
scoring_elements	0.99717
published_at	2026-04-04T12:55:00Z

value	0.92259
scoring_system	epss
scoring_elements	0.99718
published_at	2026-04-13T12:55:00Z

value	0.92259
scoring_system	epss
scoring_elements	0.99719
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-22120

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072120
reference_id	1072120
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1072120

reference_url

https://support.zabbix.com/browse/ZBX-24505

reference_id

ZBX-24505

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-05-20T13:29:40Z/

url

https://support.zabbix.com/browse/ZBX-24505

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.29%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.29%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.29%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2024-22120

risk_score 9.0

exploitability 2.0

weighted_severity 4.5

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-76qf-8jm4-8kct

url VCID-8yyv-6phn-tkaq

vulnerability_id VCID-8yyv-6phn-tkaq

summary The webdriver for the Browser object expects an error object to be initialized when the webdriver_session_query function fails. But this function can fail for various reasons without an error description and then the wd->error will be NULL and trying to read from it will result in a crash.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-42329

reference_id

reference_type

scores

value	0.00037
scoring_system	epss
scoring_elements	0.11072
published_at	2026-04-18T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11225
published_at	2026-04-12T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11199
published_at	2026-04-13T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11063
published_at	2026-04-16T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11232
published_at	2026-04-02T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11296
published_at	2026-04-04T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11111
published_at	2026-04-07T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11191
published_at	2026-04-08T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11247
published_at	2026-04-09T12:55:00Z

value	0.00037
scoring_system	epss
scoring_elements	0.11258
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-42329

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689
reference_id	1088689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689

reference_url

https://support.zabbix.com/browse/ZBX-25625

reference_id

ZBX-25625

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:55:49Z/

url

https://support.zabbix.com/browse/ZBX-25625

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2024-42329

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8yyv-6phn-tkaq

url VCID-9jfn-6nvg-a3b6

vulnerability_id VCID-9jfn-6nvg-a3b6

summary A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is available for every user who has API access.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-42327

reference_id

reference_type

scores

value	0.90724
scoring_system	epss
scoring_elements	0.99621
published_at	2026-04-07T12:55:00Z

value	0.90724
scoring_system	epss
scoring_elements	0.99623
published_at	2026-04-16T12:55:00Z

value	0.90724
scoring_system	epss
scoring_elements	0.99622
published_at	2026-04-09T12:55:00Z

value	0.90724
scoring_system	epss
scoring_elements	0.99619
published_at	2026-04-02T12:55:00Z

value	0.90724
scoring_system	epss
scoring_elements	0.9962
published_at	2026-04-04T12:55:00Z

value	0.91356
scoring_system	epss
scoring_elements	0.9966
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-42327

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689
reference_id	1088689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52230.py
reference_id	CVE-2024-42327
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/52230.py

reference_url

https://support.zabbix.com/browse/ZBX-25623

reference_id

ZBX-25623

reference_type

scores

value	9.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-11-27T15:10:31Z/

url

https://support.zabbix.com/browse/ZBX-25623

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.1%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2024-42327

risk_score 10.0

exploitability 2.0

weighted_severity 5.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9jfn-6nvg-a3b6

url VCID-a13m-gsde-jyf3

vulnerability_id VCID-a13m-gsde-jyf3

summary An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-40626

reference_id

reference_type

scores

value	0.01866
scoring_system	epss
scoring_elements	0.83116
published_at	2026-04-18T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83028
published_at	2026-04-02T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83042
published_at	2026-04-04T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.8304
published_at	2026-04-07T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83064
published_at	2026-04-08T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83072
published_at	2026-04-09T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83088
published_at	2026-04-11T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83082
published_at	2026-04-12T12:55:00Z

value	0.01866
scoring_system	epss
scoring_elements	0.83077
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-40626

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-40626

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a13m-gsde-jyf3

url VCID-b6xv-kz4p-k3em

vulnerability_id VCID-b6xv-kz4p-k3em

summary There was discovered a use after free bug in browser.c in the es_browser_get_variant function

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-42326

reference_id

reference_type

scores

value	0.00073
scoring_system	epss
scoring_elements	0.22213
published_at	2026-04-12T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22153
published_at	2026-04-16T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22152
published_at	2026-04-13T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22271
published_at	2026-04-02T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22313
published_at	2026-04-04T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22098
published_at	2026-04-07T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22181
published_at	2026-04-08T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22235
published_at	2026-04-09T12:55:00Z

value	0.00073
scoring_system	epss
scoring_elements	0.22254
published_at	2026-04-11T12:55:00Z

value	0.00099
scoring_system	epss
scoring_elements	0.27535
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-42326

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689
reference_id	1088689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689

reference_url

https://support.zabbix.com/browse/ZBX-25622

reference_id

ZBX-25622

reference_type

scores

value	4.4
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:56:46Z/

url

https://support.zabbix.com/browse/ZBX-25622

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2024-42326

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b6xv-kz4p-k3em

url VCID-dfwk-raex-fqfy

vulnerability_id VCID-dfwk-raex-fqfy

summary Due to a bug in Zabbix API, the hostprototype.get method lists all host prototypes to users that do not have any user groups assigned to them.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27238

reference_id

reference_type

scores

value	0.00025
scoring_system	epss
scoring_elements	0.07011
published_at	2026-04-04T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06957
published_at	2026-04-02T12:55:00Z

value	0.00025
scoring_system	epss
scoring_elements	0.06992
published_at	2026-04-07T12:55:00Z

value	0.00026
scoring_system	epss
scoring_elements	0.07167
published_at	2026-04-18T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07592
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07681
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07698
published_at	2026-04-09T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07696
published_at	2026-04-11T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07682
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07666
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27238

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117448
reference_id	1117448
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117448

reference_url

https://support.zabbix.com/browse/ZBX-26988

reference_id

ZBX-26988

reference_type

scores

value	2.1
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:A/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T11:54:14Z/

url

https://support.zabbix.com/browse/ZBX-26988

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2025-27238

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dfwk-raex-fqfy

url VCID-f797-yxay-bffg

vulnerability_id VCID-f797-yxay-bffg

summary After the initial setup process, some steps of setup.php file are reachable not only by super-administrators, but by unauthenticated users as well. Malicious actor can pass step checks and potentially change the configuration of Zabbix Frontend.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-23134

reference_id

reference_type

scores

value	0.93096
scoring_system	epss
scoring_elements	0.99792
published_at	2026-04-13T12:55:00Z

value	0.93096
scoring_system	epss
scoring_elements	0.99791
published_at	2026-04-07T12:55:00Z

value	0.93096
scoring_system	epss
scoring_elements	0.99794
published_at	2026-04-18T12:55:00Z

value	0.93096
scoring_system	epss
scoring_elements	0.99793
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-23134

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/

reference_id

6SZYHXINBKCY42ITFSNCYE7KCSF33VRA

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-29T17:20:09Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6SZYHXINBKCY42ITFSNCYE7KCSF33VRA/

reference_url

https://lists.debian.org/debian-lts-announce/2022/02/msg00008.html

reference_id

msg00008.html

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-29T17:20:09Z/

url

https://lists.debian.org/debian-lts-announce/2022/02/msg00008.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/

reference_id

VB6W556GVXOKUYTASTDGL3AI7S3SJHX7

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-29T17:20:09Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VB6W556GVXOKUYTASTDGL3AI7S3SJHX7/

reference_url

https://support.zabbix.com/browse/ZBX-20384

reference_id

ZBX-20384

reference_type

scores

value	3.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-29T17:20:09Z/

url

https://support.zabbix.com/browse/ZBX-20384

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.7%2Bdfsg-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.7%252Bdfsg-2%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-23134

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f797-yxay-bffg

url VCID-fqc6-4dcw-tbcm

vulnerability_id VCID-fqc6-4dcw-tbcm

summary Arbitrary file read vulnerability exists in Zabbix Web Service Report Generation, which listens on the port 10053. The service does not have proper validation for URL parameters before reading the files.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-46768

reference_id

reference_type

scores

value	0.05203
scoring_system	epss
scoring_elements	0.89946
published_at	2026-04-18T12:55:00Z

value	0.05203
scoring_system	epss
scoring_elements	0.89944
published_at	2026-04-16T12:55:00Z

value	0.05203
scoring_system	epss
scoring_elements	0.89892
published_at	2026-04-02T12:55:00Z

value	0.05203
scoring_system	epss
scoring_elements	0.89905
published_at	2026-04-04T12:55:00Z

value	0.05203
scoring_system	epss
scoring_elements	0.8991
published_at	2026-04-07T12:55:00Z

value	0.05203
scoring_system	epss
scoring_elements	0.89926
published_at	2026-04-08T12:55:00Z

value	0.05203
scoring_system	epss
scoring_elements	0.89932
published_at	2026-04-09T12:55:00Z

value	0.05203
scoring_system	epss
scoring_elements	0.89939
published_at	2026-04-11T12:55:00Z

value	0.05203
scoring_system	epss
scoring_elements	0.89937
published_at	2026-04-12T12:55:00Z

value	0.05203
scoring_system	epss
scoring_elements	0.8993
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-46768

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026847
reference_id	1026847
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026847

reference_url

https://support.zabbix.com/browse/ZBX-22087

reference_id

ZBX-22087

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T13:48:48Z/

url

https://support.zabbix.com/browse/ZBX-22087

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.13%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.13%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.13%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-46768

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fqc6-4dcw-tbcm

url VCID-gguu-hkn6-gfbk

vulnerability_id VCID-gguu-hkn6-gfbk

summary A Firewall Rule which allows all incoming TCP connections to all programs from any source and to all ports is created in Windows Firewall after Zabbix agent installation (MSI)

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-43516

reference_id

reference_type

scores

value	0.0454
scoring_system	epss
scoring_elements	0.89193
published_at	2026-04-18T12:55:00Z

value	0.0454
scoring_system	epss
scoring_elements	0.89179
published_at	2026-04-13T12:55:00Z

value	0.0454
scoring_system	epss
scoring_elements	0.89136
published_at	2026-04-02T12:55:00Z

value	0.0454
scoring_system	epss
scoring_elements	0.89151
published_at	2026-04-04T12:55:00Z

value	0.0454
scoring_system	epss
scoring_elements	0.89153
published_at	2026-04-07T12:55:00Z

value	0.0454
scoring_system	epss
scoring_elements	0.89171
published_at	2026-04-08T12:55:00Z

value	0.0454
scoring_system	epss
scoring_elements	0.89176
published_at	2026-04-09T12:55:00Z

value	0.0454
scoring_system	epss
scoring_elements	0.89186
published_at	2026-04-11T12:55:00Z

value	0.0454
scoring_system	epss
scoring_elements	0.89182
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-43516

reference_url

https://support.zabbix.com/browse/ZBX-22002

reference_id

ZBX-22002

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-18T18:08:51Z/

url

https://support.zabbix.com/browse/ZBX-22002

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-43516

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gguu-hkn6-gfbk

url VCID-gyqk-zsww-ykdj

vulnerability_id VCID-gyqk-zsww-ykdj

summary Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-29451

reference_id

reference_type

scores

value	0.0011
scoring_system	epss
scoring_elements	0.29542
published_at	2026-04-04T12:55:00Z

value	0.0011
scoring_system	epss
scoring_elements	0.29494
published_at	2026-04-02T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31829
published_at	2026-04-18T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31888
published_at	2026-04-09T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31891
published_at	2026-04-11T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31852
published_at	2026-04-12T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31817
published_at	2026-04-13T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31849
published_at	2026-04-16T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.31807
published_at	2026-04-07T12:55:00Z

value	0.00126
scoring_system	epss
scoring_elements	0.3186
published_at	2026-04-08T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-29451

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175
reference_id	1055175
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175

reference_url

https://support.zabbix.com/browse/ZBX-22587

reference_id

ZBX-22587

reference_type

scores

value	4.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T16:25:43Z/

url

https://support.zabbix.com/browse/ZBX-22587

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2023-29451

risk_score 2.1

exploitability 0.5

weighted_severity 4.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gyqk-zsww-ykdj

url VCID-hfam-an1b-u7e3

vulnerability_id VCID-hfam-an1b-u7e3

summary A low privilege (regular) Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-36465

reference_id

reference_type

scores

value	0.00502
scoring_system	epss
scoring_elements	0.65995
published_at	2026-04-02T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.65991
published_at	2026-04-07T12:55:00Z

value	0.00502
scoring_system	epss
scoring_elements	0.66023
published_at	2026-04-04T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71639
published_at	2026-04-18T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71623
published_at	2026-04-11T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71608
published_at	2026-04-12T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71634
published_at	2026-04-16T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.71589
published_at	2026-04-13T12:55:00Z

value	0.00681
scoring_system	epss
scoring_elements	0.716
published_at	2026-04-09T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-36465

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://support.zabbix.com/browse/ZBX-26257

reference_id

ZBX-26257

reference_type

scores

value	8.6
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-02T15:09:12Z/

url

https://support.zabbix.com/browse/ZBX-26257

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.9%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.9%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2024-36465

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hfam-an1b-u7e3

url VCID-hgbt-8rz5-q3a9

vulnerability_id VCID-hgbt-8rz5-q3a9

summary Uncontrolled resource consumption refers to a software vulnerability where a attacker or system uses excessive resources, such as CPU, memory, or network bandwidth, without proper limitations or controls. This can cause a denial-of-service (DoS) attack or degrade the performance of the affected system.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-36462

reference_id

reference_type

scores

value	0.00296
scoring_system	epss
scoring_elements	0.52969
published_at	2026-04-18T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52941
published_at	2026-04-12T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52925
published_at	2026-04-13T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52962
published_at	2026-04-16T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52868
published_at	2026-04-02T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52894
published_at	2026-04-04T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52863
published_at	2026-04-07T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52913
published_at	2026-04-08T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52907
published_at	2026-04-09T12:55:00Z

value	0.00296
scoring_system	epss
scoring_elements	0.52957
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-36462

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553
reference_id	1078553
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1078553

reference_url

https://support.zabbix.com/browse/ZBX-25019

reference_id

ZBX-25019

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-08-09T12:57:48Z/

url

https://support.zabbix.com/browse/ZBX-25019

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.1%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2024-36462

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hgbt-8rz5-q3a9

url VCID-n5md-76wa-dbaa

vulnerability_id VCID-n5md-76wa-dbaa

summary A Zabbix adminitrator can inject arbitrary SQL during the autoremoval of hosts by inserting malicious SQL in the 'Visible name' field.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27240

reference_id

reference_type

scores

value	0.00057
scoring_system	epss
scoring_elements	0.18122
published_at	2026-04-04T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.18068
published_at	2026-04-02T12:55:00Z

value	0.00057
scoring_system	epss
scoring_elements	0.17823
published_at	2026-04-07T12:55:00Z

value	0.00062
scoring_system	epss
scoring_elements	0.19182
published_at	2026-04-18T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20037
published_at	2026-04-16T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20075
published_at	2026-04-08T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20132
published_at	2026-04-09T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20158
published_at	2026-04-11T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20113
published_at	2026-04-12T12:55:00Z

value	0.00065
scoring_system	epss
scoring_elements	0.20055
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27240

reference_url

https://support.zabbix.com/browse/ZBX-26986

reference_id

ZBX-26986

reference_type

scores

value	7.5
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-13T03:55:34Z/

url

https://support.zabbix.com/browse/ZBX-26986

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.5%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.5%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2025-27240

risk_score 1.9

exploitability 0.5

weighted_severity 3.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n5md-76wa-dbaa

url VCID-nye8-x53u-zkhw

vulnerability_id VCID-nye8-x53u-zkhw

summary A non-admin user can change or remove important features within the Zabbix Agent application, thus impacting the integrity and availability of the application.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-22121

reference_id

reference_type

scores

value	0.00031
scoring_system	epss
scoring_elements	0.0869
published_at	2026-04-18T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08838
published_at	2026-04-12T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08825
published_at	2026-04-13T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08715
published_at	2026-04-16T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08785
published_at	2026-04-02T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08833
published_at	2026-04-04T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08766
published_at	2026-04-07T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08844
published_at	2026-04-08T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.0887
published_at	2026-04-09T12:55:00Z

value	0.00031
scoring_system	epss
scoring_elements	0.08869
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-22121

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://support.zabbix.com/browse/ZBX-25011

reference_id

ZBX-25011

reference_type

scores

value	6.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-08-09T15:17:38Z/

url

https://support.zabbix.com/browse/ZBX-25011

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2024-22121

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nye8-x53u-zkhw

url VCID-nyhx-57xy-wugc

vulnerability_id VCID-nyhx-57xy-wugc

summary Currently, geomap configuration (Administration -> General -> Geographical maps) allows using HTML in the field “Attribution text” when selected “Other” Tile provider.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-29452

reference_id

reference_type

scores

value	0.01801
scoring_system	epss
scoring_elements	0.82757
published_at	2026-04-04T12:55:00Z

value	0.01801
scoring_system	epss
scoring_elements	0.82744
published_at	2026-04-02T12:55:00Z

value	0.01972
scoring_system	epss
scoring_elements	0.83581
published_at	2026-04-18T12:55:00Z

value	0.01972
scoring_system	epss
scoring_elements	0.83545
published_at	2026-04-13T12:55:00Z

value	0.01972
scoring_system	epss
scoring_elements	0.8358
published_at	2026-04-16T12:55:00Z

value	0.01972
scoring_system	epss
scoring_elements	0.83507
published_at	2026-04-07T12:55:00Z

value	0.01972
scoring_system	epss
scoring_elements	0.83531
published_at	2026-04-08T12:55:00Z

value	0.01972
scoring_system	epss
scoring_elements	0.83541
published_at	2026-04-09T12:55:00Z

value	0.01972
scoring_system	epss
scoring_elements	0.83556
published_at	2026-04-11T12:55:00Z

value	0.01972
scoring_system	epss
scoring_elements	0.8355
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-29452

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175
reference_id	1055175
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055175

reference_url

https://support.zabbix.com/browse/ZBX-22981

reference_id

ZBX-22981

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-22T16:21:55Z/

url

https://support.zabbix.com/browse/ZBX-22981

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2023-29452

risk_score 1.4

exploitability 0.5

weighted_severity 2.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nyhx-57xy-wugc

url VCID-pyz2-fufh-c7gc

vulnerability_id VCID-pyz2-fufh-c7gc

summary In the case of instances where the SAML SSO authentication is enabled (non-default), session data can be modified by a malicious actor, because a user login stored in the session was not verified. Malicious unauthenticated actor may exploit this issue to escalate privileges and gain admin access to Zabbix Frontend. To perform the attack, SAML authentication is required to be enabled and the actor has to know the username of Zabbix user (or use the guest account, which is disabled by default).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-23131

reference_id

reference_type

scores

value	0.94045
scoring_system	epss
scoring_elements	0.99901
published_at	2026-04-18T12:55:00Z

value	0.94045
scoring_system	epss
scoring_elements	0.999
published_at	2026-04-16T12:55:00Z

value	0.94252
scoring_system	epss
scoring_elements	0.99931
published_at	2026-04-02T12:55:00Z

value	0.94252
scoring_system	epss
scoring_elements	0.99932
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-23131

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://support.zabbix.com/browse/ZBX-20350

reference_id

ZBX-20350

reference_type

scores

value	9.1
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

value	Act
scoring_system	ssvc
scoring_elements	SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-01-29T17:20:59Z/

url

https://support.zabbix.com/browse/ZBX-20350

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2022-23131

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pyz2-fufh-c7gc

url VCID-ry8x-mjbp-qqct

vulnerability_id VCID-ry8x-mjbp-qqct

summary A bug in the code allows an attacker to sign a forged zbx_session cookie, which then allows them to sign in with admin permissions.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-36466

reference_id

reference_type

scores

value	0.00187
scoring_system	epss
scoring_elements	0.40555
published_at	2026-04-18T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40556
published_at	2026-04-12T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40537
published_at	2026-04-13T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40585
published_at	2026-04-16T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40565
published_at	2026-04-02T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40592
published_at	2026-04-04T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40513
published_at	2026-04-07T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40564
published_at	2026-04-08T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40574
published_at	2026-04-09T12:55:00Z

value	0.00187
scoring_system	epss
scoring_elements	0.40593
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-36466

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://support.zabbix.com/browse/ZBX-25635

reference_id

ZBX-25635

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-12-04T04:55:27Z/

url

https://support.zabbix.com/browse/ZBX-25635

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.1%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.1%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.1%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2024-36466

risk_score 2.2

exploitability 0.5

weighted_severity 4.4

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ry8x-mjbp-qqct

url VCID-s7ze-4huv-qqep

vulnerability_id VCID-s7ze-4huv-qqep

summary The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without proper bounds checking.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-36468

reference_id

reference_type

scores

value	0.00364
scoring_system	epss
scoring_elements	0.58488
published_at	2026-04-12T12:55:00Z

value	0.00364
scoring_system	epss
scoring_elements	0.585
published_at	2026-04-16T12:55:00Z

value	0.00364
scoring_system	epss
scoring_elements	0.58468
published_at	2026-04-13T12:55:00Z

value	0.00364
scoring_system	epss
scoring_elements	0.58438
published_at	2026-04-02T12:55:00Z

value	0.00364
scoring_system	epss
scoring_elements	0.58457
published_at	2026-04-04T12:55:00Z

value	0.00364
scoring_system	epss
scoring_elements	0.58432
published_at	2026-04-07T12:55:00Z

value	0.00364
scoring_system	epss
scoring_elements	0.58484
published_at	2026-04-08T12:55:00Z

value	0.00364
scoring_system	epss
scoring_elements	0.5849
published_at	2026-04-09T12:55:00Z

value	0.00364
scoring_system	epss
scoring_elements	0.58507
published_at	2026-04-11T12:55:00Z

value	0.00494
scoring_system	epss
scoring_elements	0.65794
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-36468

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689
reference_id	1088689
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088689

reference_url

https://support.zabbix.com/browse/ZBX-25621

reference_id

ZBX-25621

reference_type

scores

value	3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-11-27T14:57:25Z/

url

https://support.zabbix.com/browse/ZBX-25621

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.3%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.3%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.3%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2024-36468

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s7ze-4huv-qqep

url VCID-s8ez-bd4f-vkch

vulnerability_id VCID-s8ez-bd4f-vkch

summary In Zabbix Agent and Agent 2 on Windows, the OpenSSL configuration file is loaded from a path writable by low-privileged users, allowing malicious modification and potential local privilege escalation by injecting a DLL.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27237

reference_id

reference_type

scores

value	0.0001
scoring_system	epss
scoring_elements	0.01044
published_at	2026-04-16T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01048
published_at	2026-04-13T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01052
published_at	2026-04-02T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01055
published_at	2026-04-04T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01064
published_at	2026-04-07T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01069
published_at	2026-04-08T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01068
published_at	2026-04-09T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01053
published_at	2026-04-18T12:55:00Z

value	0.0001
scoring_system	epss
scoring_elements	0.01049
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27237

reference_url

https://support.zabbix.com/browse/ZBX-27061

reference_id

ZBX-27061

reference_type

scores

value	7.3
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-04T03:55:25Z/

url

https://support.zabbix.com/browse/ZBX-27061

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2025-27237

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s8ez-bd4f-vkch

url VCID-sudd-unuw-wqa9

vulnerability_id VCID-sudd-unuw-wqa9

summary Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an attacker to inject unexpected arguments into the smartctl command. This can be used to leak the NTLMv2 hash from a Windows system.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27233

reference_id

reference_type

scores

value	0.00033
scoring_system	epss
scoring_elements	0.09365
published_at	2026-04-02T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09416
published_at	2026-04-04T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09326
published_at	2026-04-07T12:55:00Z

value	0.00033
scoring_system	epss
scoring_elements	0.09578
published_at	2026-04-18T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10336
published_at	2026-04-13T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10306
published_at	2026-04-08T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10368
published_at	2026-04-09T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10399
published_at	2026-04-11T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.10357
published_at	2026-04-12T12:55:00Z

value	0.00035
scoring_system	epss
scoring_elements	0.1021
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27233

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117448
reference_id	1117448
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117448

reference_url

https://support.zabbix.com/browse/ZBX-26987

reference_id

ZBX-26987

reference_type

scores

value	5.7
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:A/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-09-12T11:57:58Z/

url

https://support.zabbix.com/browse/ZBX-26987

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2025-27233

risk_score 1.4

exploitability 0.5

weighted_severity 2.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sudd-unuw-wqa9

url VCID-tekr-xkck-pkfu

vulnerability_id VCID-tekr-xkck-pkfu

summary

Multiple vulnerabilities in Asterisk might allow remote attackers to cause
    a Denial of Service condition, or conduct other attacks.

references

reference_url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-7220.json
reference_id
reference_type
scores
url	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2008-7220.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-7220

reference_id

reference_type

scores

value	0.10024
scoring_system	epss
scoring_elements	0.93033
published_at	2026-04-01T12:55:00Z

value	0.10024
scoring_system	epss
scoring_elements	0.93041
published_at	2026-04-02T12:55:00Z

value	0.10024
scoring_system	epss
scoring_elements	0.93045
published_at	2026-04-07T12:55:00Z

value	0.10024
scoring_system	epss
scoring_elements	0.93053
published_at	2026-04-08T12:55:00Z

value	0.10024
scoring_system	epss
scoring_elements	0.93058
published_at	2026-04-09T12:55:00Z

value	0.10024
scoring_system	epss
scoring_elements	0.93063
published_at	2026-04-11T12:55:00Z

value	0.10024
scoring_system	epss
scoring_elements	0.9306
published_at	2026-04-12T12:55:00Z

value	0.10024
scoring_system	epss
scoring_elements	0.93062
published_at	2026-04-13T12:55:00Z

value	0.10024
scoring_system	epss
scoring_elements	0.93073
published_at	2026-04-16T12:55:00Z

value	0.10024
scoring_system	epss
scoring_elements	0.93076
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-7220

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7220
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-7220

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=523277
reference_id	523277
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=523277

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555220
reference_id	555220
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555220

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555221
reference_id	555221
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555221

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555242
reference_id	555242
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555242

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555244
reference_id	555244
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555244

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555250
reference_id	555250
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555250

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555255
reference_id	555255
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555255

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555259
reference_id	555259
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555259

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555266
reference_id	555266
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=555266

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=558977
reference_id	558977
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=558977

reference_url	https://security.gentoo.org/glsa/201006-20
reference_id	GLSA-201006-20
reference_type
scores
url	https://security.gentoo.org/glsa/201006-20

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2008-7220

risk_score 0.1

exploitability 0.5

weighted_severity 0.1

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tekr-xkck-pkfu

url VCID-tvzm-h9yk-dqhh

vulnerability_id VCID-tvzm-h9yk-dqhh

summary Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-49642

reference_id

reference_type

scores

value	0.00027
scoring_system	epss
scoring_elements	0.07578
published_at	2026-04-18T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07591
published_at	2026-04-16T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07604
published_at	2026-04-02T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07646
published_at	2026-04-04T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07621
published_at	2026-04-07T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.0768
published_at	2026-04-08T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07697
published_at	2026-04-09T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07695
published_at	2026-04-11T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07681
published_at	2026-04-12T12:55:00Z

value	0.00027
scoring_system	epss
scoring_elements	0.07665
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-49642

reference_url

https://support.zabbix.com/browse/ZBX-27283

reference_id

ZBX-27283

reference_type

scores

value	5.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T14:36:06Z/

url

https://support.zabbix.com/browse/ZBX-27283

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2025-49642

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tvzm-h9yk-dqhh

url VCID-uv2e-h2ju-2fgj

vulnerability_id VCID-uv2e-h2ju-2fgj

summary zabbix: Zabbix: Authenticated Super Admin can read arbitrary files via oauth.authorize action

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27232.json

reference_id

reference_type

scores

value	6.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-27232.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-27232

reference_id

reference_type

scores

value	0.00048
scoring_system	epss
scoring_elements	0.15
published_at	2026-04-02T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14799
published_at	2026-04-18T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14892
published_at	2026-04-13T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14792
published_at	2026-04-16T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.15078
published_at	2026-04-04T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14882
published_at	2026-04-07T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14971
published_at	2026-04-08T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.15022
published_at	2026-04-09T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.14986
published_at	2026-04-11T12:55:00Z

value	0.00048
scoring_system	epss
scoring_elements	0.1495
published_at	2026-04-12T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-27232

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2417984
reference_id	2417984
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2417984

reference_url

https://support.zabbix.com/browse/ZBX-27282

reference_id

ZBX-27282

reference_type

scores

value	6.8
scoring_system	cvssv4
scoring_elements	CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-01T14:38:44Z/

url

https://support.zabbix.com/browse/ZBX-27282

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-172p-q6d5-9ya3

vulnerability	VCID-1xr6-n296-cyfd

vulnerability	VCID-3g1d-2tvh-akh4

vulnerability	VCID-3qru-uxsd-e3c8

vulnerability	VCID-464s-8ex9-kqdz

vulnerability	VCID-4s92-5es4-yka5

vulnerability	VCID-4uxg-fxv7-rua8

vulnerability	VCID-547a-p94b-6fep

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-5s7j-6aea-qucr

vulnerability	VCID-5t3e-bfve-d3he

vulnerability	VCID-673b-qsd3-e3hz

vulnerability	VCID-6u3x-x7qt-g3fa

vulnerability	VCID-76qf-8jm4-8kct

vulnerability	VCID-7bzf-3c9x-8qc4

vulnerability	VCID-7f3g-hebk-3qad

vulnerability	VCID-7yp1-231f-a3eq

vulnerability	VCID-9jfn-6nvg-a3b6

vulnerability	VCID-9z8h-gg7t-b7f8

vulnerability	VCID-aetr-jrab-6fg5

vulnerability	VCID-b8tm-2187-wkhz

vulnerability	VCID-batr-txtv-s3cf

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-cuqx-wxkd-nffa

vulnerability	VCID-d7uk-h423-77f5

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-ftt2-5jnt-9ye2

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-gp3f-yz9h-eqax

vulnerability	VCID-gyqk-zsww-ykdj

vulnerability	VCID-kx3g-p2zj-duaj

vulnerability	VCID-mhx5-hcg2-wfc4

vulnerability	VCID-n5md-76wa-dbaa

vulnerability	VCID-nrkb-pzcu-8ueg

vulnerability	VCID-nyhx-57xy-wugc

vulnerability	VCID-psak-h1x6-1kca

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r65p-6wkq-sfb9

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-ry8x-mjbp-qqct

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-sudd-unuw-wqa9

vulnerability	VCID-uh37-bv9z-1bdz

vulnerability	VCID-uxdf-6tyd-rucd

vulnerability	VCID-vkfp-asar-7bhw

vulnerability	VCID-wczj-cv1m-7qce

vulnerability	VCID-zc7p-7yts-5yae

vulnerability	VCID-zrfp-skzu-cbet

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2025-27232

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uv2e-h2ju-2fgj

url VCID-vkfp-asar-7bhw

vulnerability_id VCID-vkfp-asar-7bhw

summary The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-32725

reference_id

reference_type

scores

value	0.00267
scoring_system	epss
scoring_elements	0.50255
published_at	2026-04-18T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50194
published_at	2026-04-02T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50222
published_at	2026-04-04T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50171
published_at	2026-04-07T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50225
published_at	2026-04-08T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50218
published_at	2026-04-09T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50246
published_at	2026-04-11T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.5022
published_at	2026-04-12T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50208
published_at	2026-04-13T12:55:00Z

value	0.00267
scoring_system	epss
scoring_elements	0.50253
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-32725

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	5.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

fixed_packages

url	pkg:deb/debian/zabbix@0?distro=trixie
purl	pkg:deb/debian/zabbix@0?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

url pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

purl pkg:deb/debian/zabbix@1:5.0.8%2Bdfsg-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-5nmy-hdh8-xbg1

vulnerability	VCID-cdyd-79m9-pyhv

vulnerability	VCID-dej6-dxbp-a3bt

vulnerability	VCID-fxqr-51kp-3ber

vulnerability	VCID-qzp5-px2f-vqc8

vulnerability	VCID-qzzk-mcfu-sfhv

vulnerability	VCID-r8yr-aet5-yydn

vulnerability	VCID-s1mb-1gsj-pbed

vulnerability	VCID-uh37-bv9z-1bdz

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:5.0.8%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:6.0.23%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.23%252Bdfsg-1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1~deb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1~deb13u1%3Fdistro=trixie

url	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
purl	pkg:deb/debian/zabbix@1:7.0.22%2Bdfsg-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:7.0.22%252Bdfsg-1%3Fdistro=trixie

aliases CVE-2023-32725

risk_score 1.4

exploitability 0.5

weighted_severity 2.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vkfp-asar-7bhw

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@0%3Fdistro=trixie

Package Instance