| 0 |
| url |
VCID-18fv-tqjq-p3ce |
| vulnerability_id |
VCID-18fv-tqjq-p3ce |
| summary |
An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim. This attack can be implemented with the help of social engineering and expiration of a number of factors - an attacker should have authorized access to the Zabbix Frontend and allowed network connection between a malicious server and victim’s computer, understand attacked infrastructure, be recognized by the victim as a trustee and use trusted communication channel. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-24349 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43854 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43878 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43902 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43832 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43883 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43886 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43904 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00213 |
| scoring_system |
epss |
| scoring_elements |
0.43871 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74902 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74904 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00849 |
| scoring_system |
epss |
| scoring_elements |
0.74911 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-24349 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| purl |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-172p-q6d5-9ya3 |
|
| 1 |
| vulnerability |
VCID-1xr6-n296-cyfd |
|
| 2 |
| vulnerability |
VCID-3g1d-2tvh-akh4 |
|
| 3 |
| vulnerability |
VCID-3qru-uxsd-e3c8 |
|
| 4 |
| vulnerability |
VCID-464s-8ex9-kqdz |
|
| 5 |
| vulnerability |
VCID-4s92-5es4-yka5 |
|
| 6 |
| vulnerability |
VCID-4uxg-fxv7-rua8 |
|
| 7 |
| vulnerability |
VCID-547a-p94b-6fep |
|
| 8 |
| vulnerability |
VCID-5nmy-hdh8-xbg1 |
|
| 9 |
| vulnerability |
VCID-5s7j-6aea-qucr |
|
| 10 |
| vulnerability |
VCID-5t3e-bfve-d3he |
|
| 11 |
| vulnerability |
VCID-673b-qsd3-e3hz |
|
| 12 |
| vulnerability |
VCID-6u3x-x7qt-g3fa |
|
| 13 |
| vulnerability |
VCID-76qf-8jm4-8kct |
|
| 14 |
| vulnerability |
VCID-7bzf-3c9x-8qc4 |
|
| 15 |
| vulnerability |
VCID-7f3g-hebk-3qad |
|
| 16 |
| vulnerability |
VCID-7yp1-231f-a3eq |
|
| 17 |
| vulnerability |
VCID-9jfn-6nvg-a3b6 |
|
| 18 |
| vulnerability |
VCID-9z8h-gg7t-b7f8 |
|
| 19 |
| vulnerability |
VCID-aetr-jrab-6fg5 |
|
| 20 |
| vulnerability |
VCID-b8tm-2187-wkhz |
|
| 21 |
| vulnerability |
VCID-batr-txtv-s3cf |
|
| 22 |
| vulnerability |
VCID-cdyd-79m9-pyhv |
|
| 23 |
| vulnerability |
VCID-cuqx-wxkd-nffa |
|
| 24 |
| vulnerability |
VCID-d7uk-h423-77f5 |
|
| 25 |
| vulnerability |
VCID-dej6-dxbp-a3bt |
|
| 26 |
| vulnerability |
VCID-ftt2-5jnt-9ye2 |
|
| 27 |
| vulnerability |
VCID-fxqr-51kp-3ber |
|
| 28 |
| vulnerability |
VCID-gp3f-yz9h-eqax |
|
| 29 |
| vulnerability |
VCID-gyqk-zsww-ykdj |
|
| 30 |
| vulnerability |
VCID-kx3g-p2zj-duaj |
|
| 31 |
| vulnerability |
VCID-mhx5-hcg2-wfc4 |
|
| 32 |
| vulnerability |
VCID-n5md-76wa-dbaa |
|
| 33 |
| vulnerability |
VCID-nrkb-pzcu-8ueg |
|
| 34 |
| vulnerability |
VCID-nyhx-57xy-wugc |
|
| 35 |
| vulnerability |
VCID-psak-h1x6-1kca |
|
| 36 |
| vulnerability |
VCID-qzp5-px2f-vqc8 |
|
| 37 |
| vulnerability |
VCID-qzzk-mcfu-sfhv |
|
| 38 |
| vulnerability |
VCID-r65p-6wkq-sfb9 |
|
| 39 |
| vulnerability |
VCID-r8yr-aet5-yydn |
|
| 40 |
| vulnerability |
VCID-ry8x-mjbp-qqct |
|
| 41 |
| vulnerability |
VCID-s1mb-1gsj-pbed |
|
| 42 |
| vulnerability |
VCID-sudd-unuw-wqa9 |
|
| 43 |
| vulnerability |
VCID-uh37-bv9z-1bdz |
|
| 44 |
| vulnerability |
VCID-uxdf-6tyd-rucd |
|
| 45 |
| vulnerability |
VCID-vkfp-asar-7bhw |
|
| 46 |
| vulnerability |
VCID-wczj-cv1m-7qce |
|
| 47 |
| vulnerability |
VCID-zc7p-7yts-5yae |
|
| 48 |
| vulnerability |
VCID-zrfp-skzu-cbet |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2022-24349
|
| risk_score |
1.1 |
| exploitability |
0.5 |
| weighted_severity |
2.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-18fv-tqjq-p3ce |
|
| 1 |
| url |
VCID-1xr6-n296-cyfd |
| vulnerability_id |
VCID-1xr6-n296-cyfd |
| summary |
The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-22119 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00423 |
| scoring_system |
epss |
| scoring_elements |
0.62133 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00423 |
| scoring_system |
epss |
| scoring_elements |
0.6213 |
| published_at |
2026-04-11T12:55:00Z |
|
| 2 |
| value |
0.00423 |
| scoring_system |
epss |
| scoring_elements |
0.6212 |
| published_at |
2026-04-12T12:55:00Z |
|
| 3 |
| value |
0.00423 |
| scoring_system |
epss |
| scoring_elements |
0.62099 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.00423 |
| scoring_system |
epss |
| scoring_elements |
0.62143 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.00423 |
| scoring_system |
epss |
| scoring_elements |
0.62149 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.00423 |
| scoring_system |
epss |
| scoring_elements |
0.62042 |
| published_at |
2026-04-02T12:55:00Z |
|
| 7 |
| value |
0.00423 |
| scoring_system |
epss |
| scoring_elements |
0.62074 |
| published_at |
2026-04-04T12:55:00Z |
|
| 8 |
| value |
0.00423 |
| scoring_system |
epss |
| scoring_elements |
0.62043 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00423 |
| scoring_system |
epss |
| scoring_elements |
0.62093 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.00423 |
| scoring_system |
epss |
| scoring_elements |
0.6211 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-22119 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-22119
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-1xr6-n296-cyfd |
|
| 2 |
| url |
VCID-2hd4-rbph-5qd8 |
| vulnerability_id |
VCID-2hd4-rbph-5qd8 |
| summary |
An authenticated user can create a hosts group from the configuration with XSS payload, which will be available for other users. When XSS is stored by an authenticated malicious actor and other users try to search for groups during new host creation, the XSS payload will fire and the actor can steal session cookies and perform session hijacking to impersonate users or take over their accounts. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-23133 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76565 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76477 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76506 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76489 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76521 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76532 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76558 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76537 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76573 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00963 |
| scoring_system |
epss |
| scoring_elements |
0.76577 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-23133 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| purl |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-172p-q6d5-9ya3 |
|
| 1 |
| vulnerability |
VCID-1xr6-n296-cyfd |
|
| 2 |
| vulnerability |
VCID-3g1d-2tvh-akh4 |
|
| 3 |
| vulnerability |
VCID-3qru-uxsd-e3c8 |
|
| 4 |
| vulnerability |
VCID-464s-8ex9-kqdz |
|
| 5 |
| vulnerability |
VCID-4s92-5es4-yka5 |
|
| 6 |
| vulnerability |
VCID-4uxg-fxv7-rua8 |
|
| 7 |
| vulnerability |
VCID-547a-p94b-6fep |
|
| 8 |
| vulnerability |
VCID-5nmy-hdh8-xbg1 |
|
| 9 |
| vulnerability |
VCID-5s7j-6aea-qucr |
|
| 10 |
| vulnerability |
VCID-5t3e-bfve-d3he |
|
| 11 |
| vulnerability |
VCID-673b-qsd3-e3hz |
|
| 12 |
| vulnerability |
VCID-6u3x-x7qt-g3fa |
|
| 13 |
| vulnerability |
VCID-76qf-8jm4-8kct |
|
| 14 |
| vulnerability |
VCID-7bzf-3c9x-8qc4 |
|
| 15 |
| vulnerability |
VCID-7f3g-hebk-3qad |
|
| 16 |
| vulnerability |
VCID-7yp1-231f-a3eq |
|
| 17 |
| vulnerability |
VCID-9jfn-6nvg-a3b6 |
|
| 18 |
| vulnerability |
VCID-9z8h-gg7t-b7f8 |
|
| 19 |
| vulnerability |
VCID-aetr-jrab-6fg5 |
|
| 20 |
| vulnerability |
VCID-b8tm-2187-wkhz |
|
| 21 |
| vulnerability |
VCID-batr-txtv-s3cf |
|
| 22 |
| vulnerability |
VCID-cdyd-79m9-pyhv |
|
| 23 |
| vulnerability |
VCID-cuqx-wxkd-nffa |
|
| 24 |
| vulnerability |
VCID-d7uk-h423-77f5 |
|
| 25 |
| vulnerability |
VCID-dej6-dxbp-a3bt |
|
| 26 |
| vulnerability |
VCID-ftt2-5jnt-9ye2 |
|
| 27 |
| vulnerability |
VCID-fxqr-51kp-3ber |
|
| 28 |
| vulnerability |
VCID-gp3f-yz9h-eqax |
|
| 29 |
| vulnerability |
VCID-gyqk-zsww-ykdj |
|
| 30 |
| vulnerability |
VCID-kx3g-p2zj-duaj |
|
| 31 |
| vulnerability |
VCID-mhx5-hcg2-wfc4 |
|
| 32 |
| vulnerability |
VCID-n5md-76wa-dbaa |
|
| 33 |
| vulnerability |
VCID-nrkb-pzcu-8ueg |
|
| 34 |
| vulnerability |
VCID-nyhx-57xy-wugc |
|
| 35 |
| vulnerability |
VCID-psak-h1x6-1kca |
|
| 36 |
| vulnerability |
VCID-qzp5-px2f-vqc8 |
|
| 37 |
| vulnerability |
VCID-qzzk-mcfu-sfhv |
|
| 38 |
| vulnerability |
VCID-r65p-6wkq-sfb9 |
|
| 39 |
| vulnerability |
VCID-r8yr-aet5-yydn |
|
| 40 |
| vulnerability |
VCID-ry8x-mjbp-qqct |
|
| 41 |
| vulnerability |
VCID-s1mb-1gsj-pbed |
|
| 42 |
| vulnerability |
VCID-sudd-unuw-wqa9 |
|
| 43 |
| vulnerability |
VCID-uh37-bv9z-1bdz |
|
| 44 |
| vulnerability |
VCID-uxdf-6tyd-rucd |
|
| 45 |
| vulnerability |
VCID-vkfp-asar-7bhw |
|
| 46 |
| vulnerability |
VCID-wczj-cv1m-7qce |
|
| 47 |
| vulnerability |
VCID-zc7p-7yts-5yae |
|
| 48 |
| vulnerability |
VCID-zrfp-skzu-cbet |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2022-23133
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-2hd4-rbph-5qd8 |
|
| 3 |
| url |
VCID-3qru-uxsd-e3c8 |
| vulnerability_id |
VCID-3qru-uxsd-e3c8 |
| summary |
Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server" because there is no validation of "Number" field on Web nor on Zabbix server side. Attacker can run test of SMS providing specially crafted phone number and execute additional AT commands on modem. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-22122 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00438 |
| scoring_system |
epss |
| scoring_elements |
0.63136 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00438 |
| scoring_system |
epss |
| scoring_elements |
0.63113 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00438 |
| scoring_system |
epss |
| scoring_elements |
0.63148 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00438 |
| scoring_system |
epss |
| scoring_elements |
0.63155 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00438 |
| scoring_system |
epss |
| scoring_elements |
0.6307 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00438 |
| scoring_system |
epss |
| scoring_elements |
0.631 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00438 |
| scoring_system |
epss |
| scoring_elements |
0.63064 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00438 |
| scoring_system |
epss |
| scoring_elements |
0.63116 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00438 |
| scoring_system |
epss |
| scoring_elements |
0.63133 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00438 |
| scoring_system |
epss |
| scoring_elements |
0.6315 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00438 |
| scoring_system |
epss |
| scoring_elements |
0.63135 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-22122 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-22122
|
| risk_score |
0.8 |
| exploitability |
0.5 |
| weighted_severity |
1.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-3qru-uxsd-e3c8 |
|
| 4 |
| url |
VCID-464s-8ex9-kqdz |
| vulnerability_id |
VCID-464s-8ex9-kqdz |
| summary |
A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32721 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72306 |
| published_at |
2026-04-02T12:55:00Z |
|
| 1 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72324 |
| published_at |
2026-04-04T12:55:00Z |
|
| 2 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72301 |
| published_at |
2026-04-07T12:55:00Z |
|
| 3 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.7234 |
| published_at |
2026-04-08T12:55:00Z |
|
| 4 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72352 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72375 |
| published_at |
2026-04-11T12:55:00Z |
|
| 6 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72358 |
| published_at |
2026-04-12T12:55:00Z |
|
| 7 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72346 |
| published_at |
2026-04-13T12:55:00Z |
|
| 8 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72387 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72397 |
| published_at |
2026-04-18T12:55:00Z |
|
| 10 |
| value |
0.00715 |
| scoring_system |
epss |
| scoring_elements |
0.72384 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32721 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-32721
|
| risk_score |
null |
| exploitability |
0.5 |
| weighted_severity |
0.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-464s-8ex9-kqdz |
|
| 5 |
| url |
VCID-4s92-5es4-yka5 |
| vulnerability_id |
VCID-4s92-5es4-yka5 |
| summary |
User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-22114 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00176 |
| scoring_system |
epss |
| scoring_elements |
0.39004 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00176 |
| scoring_system |
epss |
| scoring_elements |
0.39087 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00176 |
| scoring_system |
epss |
| scoring_elements |
0.39067 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00176 |
| scoring_system |
epss |
| scoring_elements |
0.39092 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00176 |
| scoring_system |
epss |
| scoring_elements |
0.391 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00176 |
| scoring_system |
epss |
| scoring_elements |
0.39122 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00176 |
| scoring_system |
epss |
| scoring_elements |
0.3904 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00176 |
| scoring_system |
epss |
| scoring_elements |
0.39096 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00176 |
| scoring_system |
epss |
| scoring_elements |
0.39112 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00176 |
| scoring_system |
epss |
| scoring_elements |
0.39124 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-22114 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-22114
|
| risk_score |
1.1 |
| exploitability |
0.5 |
| weighted_severity |
2.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4s92-5es4-yka5 |
|
| 6 |
| url |
VCID-4uxg-fxv7-rua8 |
| vulnerability_id |
VCID-4uxg-fxv7-rua8 |
| summary |
An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32727 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.6436 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64302 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64322 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64358 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64369 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64331 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64287 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64335 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.6435 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64363 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00464 |
| scoring_system |
epss |
| scoring_elements |
0.64351 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32727 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-32727
|
| risk_score |
1.7 |
| exploitability |
0.5 |
| weighted_severity |
3.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-4uxg-fxv7-rua8 |
|
| 7 |
| url |
VCID-547a-p94b-6fep |
| vulnerability_id |
VCID-547a-p94b-6fep |
| summary |
The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32722 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58005 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.57972 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.57999 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58029 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58028 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.5799 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.57966 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58022 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58024 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58041 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00357 |
| scoring_system |
epss |
| scoring_elements |
0.58019 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32722 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-32722
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-547a-p94b-6fep |
|
| 8 |
| url |
VCID-5s7j-6aea-qucr |
| vulnerability_id |
VCID-5s7j-6aea-qucr |
| summary |
Stored or persistent cross-site scripting (XSS) is a type of XSS where the attacker first sends the payload to the web application, then the application saves the payload (e.g., in a database or server-side text files), and finally, the application unintentionally executes the payload for every victim visiting its web pages. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29454 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00646 |
| scoring_system |
epss |
| scoring_elements |
0.70673 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00646 |
| scoring_system |
epss |
| scoring_elements |
0.70654 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00807 |
| scoring_system |
epss |
| scoring_elements |
0.74209 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00807 |
| scoring_system |
epss |
| scoring_elements |
0.74177 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00807 |
| scoring_system |
epss |
| scoring_elements |
0.7417 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00807 |
| scoring_system |
epss |
| scoring_elements |
0.74208 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00807 |
| scoring_system |
epss |
| scoring_elements |
0.74217 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00807 |
| scoring_system |
epss |
| scoring_elements |
0.74126 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00807 |
| scoring_system |
epss |
| scoring_elements |
0.74159 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00807 |
| scoring_system |
epss |
| scoring_elements |
0.74174 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00807 |
| scoring_system |
epss |
| scoring_elements |
0.74195 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29454 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-29454
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-5s7j-6aea-qucr |
|
| 9 |
| url |
VCID-673b-qsd3-e3hz |
| vulnerability_id |
VCID-673b-qsd3-e3hz |
| summary |
Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script is activated through a link, which sends a request to a website with a vulnerability that enables execution of malicious scripts. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29455 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00917 |
| scoring_system |
epss |
| scoring_elements |
0.75899 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00917 |
| scoring_system |
epss |
| scoring_elements |
0.75866 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.01219 |
| scoring_system |
epss |
| scoring_elements |
0.79081 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.01219 |
| scoring_system |
epss |
| scoring_elements |
0.79068 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.01219 |
| scoring_system |
epss |
| scoring_elements |
0.79058 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.01219 |
| scoring_system |
epss |
| scoring_elements |
0.79085 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.01219 |
| scoring_system |
epss |
| scoring_elements |
0.79082 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.01219 |
| scoring_system |
epss |
| scoring_elements |
0.79028 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.01219 |
| scoring_system |
epss |
| scoring_elements |
0.79052 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.01219 |
| scoring_system |
epss |
| scoring_elements |
0.79059 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.01219 |
| scoring_system |
epss |
| scoring_elements |
0.79083 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29455 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-29455
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
4.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-673b-qsd3-e3hz |
|
| 10 |
| url |
VCID-6u3x-x7qt-g3fa |
| vulnerability_id |
VCID-6u3x-x7qt-g3fa |
| summary |
JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. Preprocessing/webhook/global script configuration and testing are only available to Administrative roles (Admin and Superadmin). Administrative privileges should be typically granted to users who need to perform tasks that require more control over the system. The security risk is limited because not all users have this level of access. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29449 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00755 |
| scoring_system |
epss |
| scoring_elements |
0.73212 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00755 |
| scoring_system |
epss |
| scoring_elements |
0.73191 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0086 |
| scoring_system |
epss |
| scoring_elements |
0.75049 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.0086 |
| scoring_system |
epss |
| scoring_elements |
0.75015 |
| published_at |
2026-04-13T12:55:00Z |
|
| 4 |
| value |
0.0086 |
| scoring_system |
epss |
| scoring_elements |
0.75051 |
| published_at |
2026-04-16T12:55:00Z |
|
| 5 |
| value |
0.0086 |
| scoring_system |
epss |
| scoring_elements |
0.75059 |
| published_at |
2026-04-18T12:55:00Z |
|
| 6 |
| value |
0.0086 |
| scoring_system |
epss |
| scoring_elements |
0.7498 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.0086 |
| scoring_system |
epss |
| scoring_elements |
0.75014 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.0086 |
| scoring_system |
epss |
| scoring_elements |
0.75026 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0086 |
| scoring_system |
epss |
| scoring_elements |
0.75047 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29449 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-29449
|
| risk_score |
1.5 |
| exploitability |
0.5 |
| weighted_severity |
3.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-6u3x-x7qt-g3fa |
|
| 11 |
| url |
VCID-7bzf-3c9x-8qc4 |
| vulnerability_id |
VCID-7bzf-3c9x-8qc4 |
| summary |
An authenticated user with API access (e.g.: user with default User role), more specifically a user with access to the user.update API endpoint is enough to be able to add themselves to any group (e.g.: Zabbix Administrators), except to groups that are disabled or having restricted GUI access. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-36467 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47359 |
| published_at |
2026-04-12T12:55:00Z |
|
| 1 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47425 |
| published_at |
2026-04-16T12:55:00Z |
|
| 2 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47366 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47339 |
| published_at |
2026-04-02T12:55:00Z |
|
| 4 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.4736 |
| published_at |
2026-04-09T12:55:00Z |
|
| 5 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47308 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47363 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00241 |
| scoring_system |
epss |
| scoring_elements |
0.47384 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.00327 |
| scoring_system |
epss |
| scoring_elements |
0.55708 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00327 |
| scoring_system |
epss |
| scoring_elements |
0.55729 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-36467 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-36467
|
| risk_score |
1.9 |
| exploitability |
0.5 |
| weighted_severity |
3.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7bzf-3c9x-8qc4 |
|
| 12 |
| url |
VCID-7yp1-231f-a3eq |
| vulnerability_id |
VCID-7yp1-231f-a3eq |
| summary |
The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-36463 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59354 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59334 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59367 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59373 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59297 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59321 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59286 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59336 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59349 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59368 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00378 |
| scoring_system |
epss |
| scoring_elements |
0.59352 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-36463 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-36463
|
| risk_score |
1.6 |
| exploitability |
0.5 |
| weighted_severity |
3.2 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-7yp1-231f-a3eq |
|
| 13 |
| url |
VCID-8cpy-mqfn-y3f9 |
| vulnerability_id |
VCID-8cpy-mqfn-y3f9 |
| summary |
An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-35230 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00874 |
| scoring_system |
epss |
| scoring_elements |
0.75306 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00874 |
| scoring_system |
epss |
| scoring_elements |
0.75221 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00874 |
| scoring_system |
epss |
| scoring_elements |
0.75251 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00874 |
| scoring_system |
epss |
| scoring_elements |
0.75229 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00874 |
| scoring_system |
epss |
| scoring_elements |
0.75271 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00874 |
| scoring_system |
epss |
| scoring_elements |
0.75282 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00874 |
| scoring_system |
epss |
| scoring_elements |
0.75302 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00874 |
| scoring_system |
epss |
| scoring_elements |
0.7528 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00874 |
| scoring_system |
epss |
| scoring_elements |
0.75269 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00874 |
| scoring_system |
epss |
| scoring_elements |
0.75308 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00874 |
| scoring_system |
epss |
| scoring_elements |
0.75315 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-35230 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| purl |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-172p-q6d5-9ya3 |
|
| 1 |
| vulnerability |
VCID-1xr6-n296-cyfd |
|
| 2 |
| vulnerability |
VCID-3g1d-2tvh-akh4 |
|
| 3 |
| vulnerability |
VCID-3qru-uxsd-e3c8 |
|
| 4 |
| vulnerability |
VCID-464s-8ex9-kqdz |
|
| 5 |
| vulnerability |
VCID-4s92-5es4-yka5 |
|
| 6 |
| vulnerability |
VCID-4uxg-fxv7-rua8 |
|
| 7 |
| vulnerability |
VCID-547a-p94b-6fep |
|
| 8 |
| vulnerability |
VCID-5nmy-hdh8-xbg1 |
|
| 9 |
| vulnerability |
VCID-5s7j-6aea-qucr |
|
| 10 |
| vulnerability |
VCID-5t3e-bfve-d3he |
|
| 11 |
| vulnerability |
VCID-673b-qsd3-e3hz |
|
| 12 |
| vulnerability |
VCID-6u3x-x7qt-g3fa |
|
| 13 |
| vulnerability |
VCID-76qf-8jm4-8kct |
|
| 14 |
| vulnerability |
VCID-7bzf-3c9x-8qc4 |
|
| 15 |
| vulnerability |
VCID-7f3g-hebk-3qad |
|
| 16 |
| vulnerability |
VCID-7yp1-231f-a3eq |
|
| 17 |
| vulnerability |
VCID-9jfn-6nvg-a3b6 |
|
| 18 |
| vulnerability |
VCID-9z8h-gg7t-b7f8 |
|
| 19 |
| vulnerability |
VCID-aetr-jrab-6fg5 |
|
| 20 |
| vulnerability |
VCID-b8tm-2187-wkhz |
|
| 21 |
| vulnerability |
VCID-batr-txtv-s3cf |
|
| 22 |
| vulnerability |
VCID-cdyd-79m9-pyhv |
|
| 23 |
| vulnerability |
VCID-cuqx-wxkd-nffa |
|
| 24 |
| vulnerability |
VCID-d7uk-h423-77f5 |
|
| 25 |
| vulnerability |
VCID-dej6-dxbp-a3bt |
|
| 26 |
| vulnerability |
VCID-ftt2-5jnt-9ye2 |
|
| 27 |
| vulnerability |
VCID-fxqr-51kp-3ber |
|
| 28 |
| vulnerability |
VCID-gp3f-yz9h-eqax |
|
| 29 |
| vulnerability |
VCID-gyqk-zsww-ykdj |
|
| 30 |
| vulnerability |
VCID-kx3g-p2zj-duaj |
|
| 31 |
| vulnerability |
VCID-mhx5-hcg2-wfc4 |
|
| 32 |
| vulnerability |
VCID-n5md-76wa-dbaa |
|
| 33 |
| vulnerability |
VCID-nrkb-pzcu-8ueg |
|
| 34 |
| vulnerability |
VCID-nyhx-57xy-wugc |
|
| 35 |
| vulnerability |
VCID-psak-h1x6-1kca |
|
| 36 |
| vulnerability |
VCID-qzp5-px2f-vqc8 |
|
| 37 |
| vulnerability |
VCID-qzzk-mcfu-sfhv |
|
| 38 |
| vulnerability |
VCID-r65p-6wkq-sfb9 |
|
| 39 |
| vulnerability |
VCID-r8yr-aet5-yydn |
|
| 40 |
| vulnerability |
VCID-ry8x-mjbp-qqct |
|
| 41 |
| vulnerability |
VCID-s1mb-1gsj-pbed |
|
| 42 |
| vulnerability |
VCID-sudd-unuw-wqa9 |
|
| 43 |
| vulnerability |
VCID-uh37-bv9z-1bdz |
|
| 44 |
| vulnerability |
VCID-uxdf-6tyd-rucd |
|
| 45 |
| vulnerability |
VCID-vkfp-asar-7bhw |
|
| 46 |
| vulnerability |
VCID-wczj-cv1m-7qce |
|
| 47 |
| vulnerability |
VCID-zc7p-7yts-5yae |
|
| 48 |
| vulnerability |
VCID-zrfp-skzu-cbet |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2022-35230
|
| risk_score |
1.1 |
| exploitability |
0.5 |
| weighted_severity |
2.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-8cpy-mqfn-y3f9 |
|
| 14 |
| url |
VCID-9aju-xvg1-n7e5 |
| vulnerability_id |
VCID-9aju-xvg1-n7e5 |
| summary |
An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-35229 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00808 |
| scoring_system |
epss |
| scoring_elements |
0.74234 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00808 |
| scoring_system |
epss |
| scoring_elements |
0.74152 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00808 |
| scoring_system |
epss |
| scoring_elements |
0.74179 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00808 |
| scoring_system |
epss |
| scoring_elements |
0.74151 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00808 |
| scoring_system |
epss |
| scoring_elements |
0.74184 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00808 |
| scoring_system |
epss |
| scoring_elements |
0.74199 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00808 |
| scoring_system |
epss |
| scoring_elements |
0.7422 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00808 |
| scoring_system |
epss |
| scoring_elements |
0.74203 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00808 |
| scoring_system |
epss |
| scoring_elements |
0.74196 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00808 |
| scoring_system |
epss |
| scoring_elements |
0.74233 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00808 |
| scoring_system |
epss |
| scoring_elements |
0.74243 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-35229 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| purl |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-172p-q6d5-9ya3 |
|
| 1 |
| vulnerability |
VCID-1xr6-n296-cyfd |
|
| 2 |
| vulnerability |
VCID-3g1d-2tvh-akh4 |
|
| 3 |
| vulnerability |
VCID-3qru-uxsd-e3c8 |
|
| 4 |
| vulnerability |
VCID-464s-8ex9-kqdz |
|
| 5 |
| vulnerability |
VCID-4s92-5es4-yka5 |
|
| 6 |
| vulnerability |
VCID-4uxg-fxv7-rua8 |
|
| 7 |
| vulnerability |
VCID-547a-p94b-6fep |
|
| 8 |
| vulnerability |
VCID-5nmy-hdh8-xbg1 |
|
| 9 |
| vulnerability |
VCID-5s7j-6aea-qucr |
|
| 10 |
| vulnerability |
VCID-5t3e-bfve-d3he |
|
| 11 |
| vulnerability |
VCID-673b-qsd3-e3hz |
|
| 12 |
| vulnerability |
VCID-6u3x-x7qt-g3fa |
|
| 13 |
| vulnerability |
VCID-76qf-8jm4-8kct |
|
| 14 |
| vulnerability |
VCID-7bzf-3c9x-8qc4 |
|
| 15 |
| vulnerability |
VCID-7f3g-hebk-3qad |
|
| 16 |
| vulnerability |
VCID-7yp1-231f-a3eq |
|
| 17 |
| vulnerability |
VCID-9jfn-6nvg-a3b6 |
|
| 18 |
| vulnerability |
VCID-9z8h-gg7t-b7f8 |
|
| 19 |
| vulnerability |
VCID-aetr-jrab-6fg5 |
|
| 20 |
| vulnerability |
VCID-b8tm-2187-wkhz |
|
| 21 |
| vulnerability |
VCID-batr-txtv-s3cf |
|
| 22 |
| vulnerability |
VCID-cdyd-79m9-pyhv |
|
| 23 |
| vulnerability |
VCID-cuqx-wxkd-nffa |
|
| 24 |
| vulnerability |
VCID-d7uk-h423-77f5 |
|
| 25 |
| vulnerability |
VCID-dej6-dxbp-a3bt |
|
| 26 |
| vulnerability |
VCID-ftt2-5jnt-9ye2 |
|
| 27 |
| vulnerability |
VCID-fxqr-51kp-3ber |
|
| 28 |
| vulnerability |
VCID-gp3f-yz9h-eqax |
|
| 29 |
| vulnerability |
VCID-gyqk-zsww-ykdj |
|
| 30 |
| vulnerability |
VCID-kx3g-p2zj-duaj |
|
| 31 |
| vulnerability |
VCID-mhx5-hcg2-wfc4 |
|
| 32 |
| vulnerability |
VCID-n5md-76wa-dbaa |
|
| 33 |
| vulnerability |
VCID-nrkb-pzcu-8ueg |
|
| 34 |
| vulnerability |
VCID-nyhx-57xy-wugc |
|
| 35 |
| vulnerability |
VCID-psak-h1x6-1kca |
|
| 36 |
| vulnerability |
VCID-qzp5-px2f-vqc8 |
|
| 37 |
| vulnerability |
VCID-qzzk-mcfu-sfhv |
|
| 38 |
| vulnerability |
VCID-r65p-6wkq-sfb9 |
|
| 39 |
| vulnerability |
VCID-r8yr-aet5-yydn |
|
| 40 |
| vulnerability |
VCID-ry8x-mjbp-qqct |
|
| 41 |
| vulnerability |
VCID-s1mb-1gsj-pbed |
|
| 42 |
| vulnerability |
VCID-sudd-unuw-wqa9 |
|
| 43 |
| vulnerability |
VCID-uh37-bv9z-1bdz |
|
| 44 |
| vulnerability |
VCID-uxdf-6tyd-rucd |
|
| 45 |
| vulnerability |
VCID-vkfp-asar-7bhw |
|
| 46 |
| vulnerability |
VCID-wczj-cv1m-7qce |
|
| 47 |
| vulnerability |
VCID-zc7p-7yts-5yae |
|
| 48 |
| vulnerability |
VCID-zrfp-skzu-cbet |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2022-35229
|
| risk_score |
1.1 |
| exploitability |
0.5 |
| weighted_severity |
2.3 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9aju-xvg1-n7e5 |
|
| 15 |
| url |
VCID-9z8h-gg7t-b7f8 |
| vulnerability_id |
VCID-9z8h-gg7t-b7f8 |
| summary |
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32724 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72509 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72519 |
| published_at |
2026-04-18T12:55:00Z |
|
| 2 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72428 |
| published_at |
2026-04-02T12:55:00Z |
|
| 3 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72446 |
| published_at |
2026-04-04T12:55:00Z |
|
| 4 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72422 |
| published_at |
2026-04-07T12:55:00Z |
|
| 5 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72461 |
| published_at |
2026-04-08T12:55:00Z |
|
| 6 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72474 |
| published_at |
2026-04-09T12:55:00Z |
|
| 7 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72496 |
| published_at |
2026-04-11T12:55:00Z |
|
| 8 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72478 |
| published_at |
2026-04-12T12:55:00Z |
|
| 9 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.72469 |
| published_at |
2026-04-13T12:55:00Z |
|
| 10 |
| value |
0.0072 |
| scoring_system |
epss |
| scoring_elements |
0.7251 |
| published_at |
2026-04-16T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32724 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-32724
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-9z8h-gg7t-b7f8 |
|
| 16 |
| url |
VCID-batr-txtv-s3cf |
| vulnerability_id |
VCID-batr-txtv-s3cf |
| summary |
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due everything is a file for Linux, it is possible to set another file, e.g. log file and zabbix_server will try to communicate with it as modem. As a result, log file will be broken with AT commands and small part for log file content will be leaked to UI. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-22123 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.60852 |
| published_at |
2026-04-18T12:55:00Z |
|
| 1 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.60823 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.60804 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.60847 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.60757 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.60786 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.60751 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.60799 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.60815 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00402 |
| scoring_system |
epss |
| scoring_elements |
0.60836 |
| published_at |
2026-04-21T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-22123 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-22123
|
| risk_score |
0.7 |
| exploitability |
0.5 |
| weighted_severity |
1.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-batr-txtv-s3cf |
|
| 17 |
| url |
VCID-cuqx-wxkd-nffa |
| vulnerability_id |
VCID-cuqx-wxkd-nffa |
| summary |
Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. When adding too many values in valstack JavaScript will crash. This issue occurs due to bug in Duktape 2.6 which is an 3rd-party solution that we use. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29458 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00103 |
| scoring_system |
epss |
| scoring_elements |
0.28309 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00103 |
| scoring_system |
epss |
| scoring_elements |
0.28265 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00128 |
| scoring_system |
epss |
| scoring_elements |
0.32199 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00128 |
| scoring_system |
epss |
| scoring_elements |
0.32249 |
| published_at |
2026-04-16T12:55:00Z |
|
| 4 |
| value |
0.00128 |
| scoring_system |
epss |
| scoring_elements |
0.32229 |
| published_at |
2026-04-18T12:55:00Z |
|
| 5 |
| value |
0.00128 |
| scoring_system |
epss |
| scoring_elements |
0.32206 |
| published_at |
2026-04-07T12:55:00Z |
|
| 6 |
| value |
0.00128 |
| scoring_system |
epss |
| scoring_elements |
0.32254 |
| published_at |
2026-04-08T12:55:00Z |
|
| 7 |
| value |
0.00128 |
| scoring_system |
epss |
| scoring_elements |
0.32284 |
| published_at |
2026-04-09T12:55:00Z |
|
| 8 |
| value |
0.00128 |
| scoring_system |
epss |
| scoring_elements |
0.32285 |
| published_at |
2026-04-11T12:55:00Z |
|
| 9 |
| value |
0.00128 |
| scoring_system |
epss |
| scoring_elements |
0.32247 |
| published_at |
2026-04-12T12:55:00Z |
|
| 10 |
| value |
0.00128 |
| scoring_system |
epss |
| scoring_elements |
0.32216 |
| published_at |
2026-04-13T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29458 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-29458
|
| risk_score |
1.5 |
| exploitability |
0.5 |
| weighted_severity |
3.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-cuqx-wxkd-nffa |
|
| 18 |
| url |
VCID-d7uk-h423-77f5 |
| vulnerability_id |
VCID-d7uk-h423-77f5 |
| summary |
The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32726 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32939 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33077 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33109 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.3294 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32985 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33016 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.33019 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32981 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32956 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32998 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00134 |
| scoring_system |
epss |
| scoring_elements |
0.32976 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-32726 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-32726
|
| risk_score |
1.3 |
| exploitability |
0.5 |
| weighted_severity |
2.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-d7uk-h423-77f5 |
|
| 19 |
| url |
VCID-ftt2-5jnt-9ye2 |
| vulnerability_id |
VCID-ftt2-5jnt-9ye2 |
| summary |
Reflected XSS attacks, occur when a malicious script is reflected off a web application to the victim's browser. The script can be activated through Action form fields, which can be sent as request to a website with a vulnerability that enables execution of malicious scripts. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29457 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.58661 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00367 |
| scoring_system |
epss |
| scoring_elements |
0.5864 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0049 |
| scoring_system |
epss |
| scoring_elements |
0.65591 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.0049 |
| scoring_system |
epss |
| scoring_elements |
0.656 |
| published_at |
2026-04-11T12:55:00Z |
|
| 4 |
| value |
0.0049 |
| scoring_system |
epss |
| scoring_elements |
0.65586 |
| published_at |
2026-04-12T12:55:00Z |
|
| 5 |
| value |
0.0049 |
| scoring_system |
epss |
| scoring_elements |
0.65558 |
| published_at |
2026-04-13T12:55:00Z |
|
| 6 |
| value |
0.0049 |
| scoring_system |
epss |
| scoring_elements |
0.65594 |
| published_at |
2026-04-16T12:55:00Z |
|
| 7 |
| value |
0.0049 |
| scoring_system |
epss |
| scoring_elements |
0.65607 |
| published_at |
2026-04-18T12:55:00Z |
|
| 8 |
| value |
0.0049 |
| scoring_system |
epss |
| scoring_elements |
0.65516 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.0049 |
| scoring_system |
epss |
| scoring_elements |
0.65569 |
| published_at |
2026-04-08T12:55:00Z |
|
| 10 |
| value |
0.0049 |
| scoring_system |
epss |
| scoring_elements |
0.65581 |
| published_at |
2026-04-09T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29457 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-29457
|
| risk_score |
2.9 |
| exploitability |
0.5 |
| weighted_severity |
5.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-ftt2-5jnt-9ye2 |
|
| 20 |
| url |
VCID-gbn9-b2t2-5fbs |
| vulnerability_id |
VCID-gbn9-b2t2-5fbs |
| summary |
During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-23132 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34335 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34448 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34477 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34343 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34386 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34415 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34418 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34379 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34355 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34389 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00141 |
| scoring_system |
epss |
| scoring_elements |
0.34375 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-23132 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| purl |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-172p-q6d5-9ya3 |
|
| 1 |
| vulnerability |
VCID-1xr6-n296-cyfd |
|
| 2 |
| vulnerability |
VCID-3g1d-2tvh-akh4 |
|
| 3 |
| vulnerability |
VCID-3qru-uxsd-e3c8 |
|
| 4 |
| vulnerability |
VCID-464s-8ex9-kqdz |
|
| 5 |
| vulnerability |
VCID-4s92-5es4-yka5 |
|
| 6 |
| vulnerability |
VCID-4uxg-fxv7-rua8 |
|
| 7 |
| vulnerability |
VCID-547a-p94b-6fep |
|
| 8 |
| vulnerability |
VCID-5nmy-hdh8-xbg1 |
|
| 9 |
| vulnerability |
VCID-5s7j-6aea-qucr |
|
| 10 |
| vulnerability |
VCID-5t3e-bfve-d3he |
|
| 11 |
| vulnerability |
VCID-673b-qsd3-e3hz |
|
| 12 |
| vulnerability |
VCID-6u3x-x7qt-g3fa |
|
| 13 |
| vulnerability |
VCID-76qf-8jm4-8kct |
|
| 14 |
| vulnerability |
VCID-7bzf-3c9x-8qc4 |
|
| 15 |
| vulnerability |
VCID-7f3g-hebk-3qad |
|
| 16 |
| vulnerability |
VCID-7yp1-231f-a3eq |
|
| 17 |
| vulnerability |
VCID-9jfn-6nvg-a3b6 |
|
| 18 |
| vulnerability |
VCID-9z8h-gg7t-b7f8 |
|
| 19 |
| vulnerability |
VCID-aetr-jrab-6fg5 |
|
| 20 |
| vulnerability |
VCID-b8tm-2187-wkhz |
|
| 21 |
| vulnerability |
VCID-batr-txtv-s3cf |
|
| 22 |
| vulnerability |
VCID-cdyd-79m9-pyhv |
|
| 23 |
| vulnerability |
VCID-cuqx-wxkd-nffa |
|
| 24 |
| vulnerability |
VCID-d7uk-h423-77f5 |
|
| 25 |
| vulnerability |
VCID-dej6-dxbp-a3bt |
|
| 26 |
| vulnerability |
VCID-ftt2-5jnt-9ye2 |
|
| 27 |
| vulnerability |
VCID-fxqr-51kp-3ber |
|
| 28 |
| vulnerability |
VCID-gp3f-yz9h-eqax |
|
| 29 |
| vulnerability |
VCID-gyqk-zsww-ykdj |
|
| 30 |
| vulnerability |
VCID-kx3g-p2zj-duaj |
|
| 31 |
| vulnerability |
VCID-mhx5-hcg2-wfc4 |
|
| 32 |
| vulnerability |
VCID-n5md-76wa-dbaa |
|
| 33 |
| vulnerability |
VCID-nrkb-pzcu-8ueg |
|
| 34 |
| vulnerability |
VCID-nyhx-57xy-wugc |
|
| 35 |
| vulnerability |
VCID-psak-h1x6-1kca |
|
| 36 |
| vulnerability |
VCID-qzp5-px2f-vqc8 |
|
| 37 |
| vulnerability |
VCID-qzzk-mcfu-sfhv |
|
| 38 |
| vulnerability |
VCID-r65p-6wkq-sfb9 |
|
| 39 |
| vulnerability |
VCID-r8yr-aet5-yydn |
|
| 40 |
| vulnerability |
VCID-ry8x-mjbp-qqct |
|
| 41 |
| vulnerability |
VCID-s1mb-1gsj-pbed |
|
| 42 |
| vulnerability |
VCID-sudd-unuw-wqa9 |
|
| 43 |
| vulnerability |
VCID-uh37-bv9z-1bdz |
|
| 44 |
| vulnerability |
VCID-uxdf-6tyd-rucd |
|
| 45 |
| vulnerability |
VCID-vkfp-asar-7bhw |
|
| 46 |
| vulnerability |
VCID-wczj-cv1m-7qce |
|
| 47 |
| vulnerability |
VCID-zc7p-7yts-5yae |
|
| 48 |
| vulnerability |
VCID-zrfp-skzu-cbet |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2022-23132
|
| risk_score |
0.8 |
| exploitability |
0.5 |
| weighted_severity |
1.6 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gbn9-b2t2-5fbs |
|
| 21 |
| url |
VCID-gp3f-yz9h-eqax |
| vulnerability_id |
VCID-gp3f-yz9h-eqax |
| summary |
The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords are displayed in plain text. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-36460 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00446 |
| scoring_system |
epss |
| scoring_elements |
0.6348 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00446 |
| scoring_system |
epss |
| scoring_elements |
0.63488 |
| published_at |
2026-04-12T12:55:00Z |
|
| 2 |
| value |
0.00446 |
| scoring_system |
epss |
| scoring_elements |
0.63454 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00446 |
| scoring_system |
epss |
| scoring_elements |
0.63495 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00446 |
| scoring_system |
epss |
| scoring_elements |
0.63426 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00446 |
| scoring_system |
epss |
| scoring_elements |
0.63453 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00446 |
| scoring_system |
epss |
| scoring_elements |
0.63418 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00446 |
| scoring_system |
epss |
| scoring_elements |
0.6347 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00446 |
| scoring_system |
epss |
| scoring_elements |
0.63487 |
| published_at |
2026-04-16T12:55:00Z |
|
| 9 |
| value |
0.00446 |
| scoring_system |
epss |
| scoring_elements |
0.63504 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-36460 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-36460
|
| risk_score |
2.0 |
| exploitability |
0.5 |
| weighted_severity |
4.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-gp3f-yz9h-eqax |
|
| 22 |
| url |
VCID-kx3g-p2zj-duaj |
| vulnerability_id |
VCID-kx3g-p2zj-duaj |
| summary |
URL validation scheme receives input from a user and then parses it to identify its various components. The validation scheme can ensure that all URL components comply with internet standards. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29456 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31519 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00122 |
| scoring_system |
epss |
| scoring_elements |
0.31478 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00153 |
| scoring_system |
epss |
| scoring_elements |
0.35989 |
| published_at |
2026-04-21T12:55:00Z |
|
| 3 |
| value |
0.00153 |
| scoring_system |
epss |
| scoring_elements |
0.36042 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00153 |
| scoring_system |
epss |
| scoring_elements |
0.36016 |
| published_at |
2026-04-13T12:55:00Z |
|
| 5 |
| value |
0.00153 |
| scoring_system |
epss |
| scoring_elements |
0.36055 |
| published_at |
2026-04-16T12:55:00Z |
|
| 6 |
| value |
0.00153 |
| scoring_system |
epss |
| scoring_elements |
0.36041 |
| published_at |
2026-04-18T12:55:00Z |
|
| 7 |
| value |
0.00153 |
| scoring_system |
epss |
| scoring_elements |
0.36006 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00153 |
| scoring_system |
epss |
| scoring_elements |
0.36056 |
| published_at |
2026-04-08T12:55:00Z |
|
| 9 |
| value |
0.00153 |
| scoring_system |
epss |
| scoring_elements |
0.36074 |
| published_at |
2026-04-09T12:55:00Z |
|
| 10 |
| value |
0.00153 |
| scoring_system |
epss |
| scoring_elements |
0.36081 |
| published_at |
2026-04-11T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29456 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-29456
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.1 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-kx3g-p2zj-duaj |
|
| 23 |
| url |
VCID-mggj-rvdd-eqc6 |
| vulnerability_id |
VCID-mggj-rvdd-eqc6 |
| summary |
An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-24917 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53445 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53387 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53413 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53382 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53434 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53429 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53478 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53462 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00882 |
| scoring_system |
epss |
| scoring_elements |
0.75433 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00882 |
| scoring_system |
epss |
| scoring_elements |
0.75438 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00882 |
| scoring_system |
epss |
| scoring_elements |
0.75444 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-24917 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| purl |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-172p-q6d5-9ya3 |
|
| 1 |
| vulnerability |
VCID-1xr6-n296-cyfd |
|
| 2 |
| vulnerability |
VCID-3g1d-2tvh-akh4 |
|
| 3 |
| vulnerability |
VCID-3qru-uxsd-e3c8 |
|
| 4 |
| vulnerability |
VCID-464s-8ex9-kqdz |
|
| 5 |
| vulnerability |
VCID-4s92-5es4-yka5 |
|
| 6 |
| vulnerability |
VCID-4uxg-fxv7-rua8 |
|
| 7 |
| vulnerability |
VCID-547a-p94b-6fep |
|
| 8 |
| vulnerability |
VCID-5nmy-hdh8-xbg1 |
|
| 9 |
| vulnerability |
VCID-5s7j-6aea-qucr |
|
| 10 |
| vulnerability |
VCID-5t3e-bfve-d3he |
|
| 11 |
| vulnerability |
VCID-673b-qsd3-e3hz |
|
| 12 |
| vulnerability |
VCID-6u3x-x7qt-g3fa |
|
| 13 |
| vulnerability |
VCID-76qf-8jm4-8kct |
|
| 14 |
| vulnerability |
VCID-7bzf-3c9x-8qc4 |
|
| 15 |
| vulnerability |
VCID-7f3g-hebk-3qad |
|
| 16 |
| vulnerability |
VCID-7yp1-231f-a3eq |
|
| 17 |
| vulnerability |
VCID-9jfn-6nvg-a3b6 |
|
| 18 |
| vulnerability |
VCID-9z8h-gg7t-b7f8 |
|
| 19 |
| vulnerability |
VCID-aetr-jrab-6fg5 |
|
| 20 |
| vulnerability |
VCID-b8tm-2187-wkhz |
|
| 21 |
| vulnerability |
VCID-batr-txtv-s3cf |
|
| 22 |
| vulnerability |
VCID-cdyd-79m9-pyhv |
|
| 23 |
| vulnerability |
VCID-cuqx-wxkd-nffa |
|
| 24 |
| vulnerability |
VCID-d7uk-h423-77f5 |
|
| 25 |
| vulnerability |
VCID-dej6-dxbp-a3bt |
|
| 26 |
| vulnerability |
VCID-ftt2-5jnt-9ye2 |
|
| 27 |
| vulnerability |
VCID-fxqr-51kp-3ber |
|
| 28 |
| vulnerability |
VCID-gp3f-yz9h-eqax |
|
| 29 |
| vulnerability |
VCID-gyqk-zsww-ykdj |
|
| 30 |
| vulnerability |
VCID-kx3g-p2zj-duaj |
|
| 31 |
| vulnerability |
VCID-mhx5-hcg2-wfc4 |
|
| 32 |
| vulnerability |
VCID-n5md-76wa-dbaa |
|
| 33 |
| vulnerability |
VCID-nrkb-pzcu-8ueg |
|
| 34 |
| vulnerability |
VCID-nyhx-57xy-wugc |
|
| 35 |
| vulnerability |
VCID-psak-h1x6-1kca |
|
| 36 |
| vulnerability |
VCID-qzp5-px2f-vqc8 |
|
| 37 |
| vulnerability |
VCID-qzzk-mcfu-sfhv |
|
| 38 |
| vulnerability |
VCID-r65p-6wkq-sfb9 |
|
| 39 |
| vulnerability |
VCID-r8yr-aet5-yydn |
|
| 40 |
| vulnerability |
VCID-ry8x-mjbp-qqct |
|
| 41 |
| vulnerability |
VCID-s1mb-1gsj-pbed |
|
| 42 |
| vulnerability |
VCID-sudd-unuw-wqa9 |
|
| 43 |
| vulnerability |
VCID-uh37-bv9z-1bdz |
|
| 44 |
| vulnerability |
VCID-uxdf-6tyd-rucd |
|
| 45 |
| vulnerability |
VCID-vkfp-asar-7bhw |
|
| 46 |
| vulnerability |
VCID-wczj-cv1m-7qce |
|
| 47 |
| vulnerability |
VCID-zc7p-7yts-5yae |
|
| 48 |
| vulnerability |
VCID-zrfp-skzu-cbet |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2022-24917
|
| risk_score |
0.9 |
| exploitability |
0.5 |
| weighted_severity |
1.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-mggj-rvdd-eqc6 |
|
| 24 |
| url |
VCID-nrkb-pzcu-8ueg |
| vulnerability_id |
VCID-nrkb-pzcu-8ueg |
| summary |
Within Zabbix, users have the ability to directly modify memory pointers in the JavaScript engine. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-36461 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.7262 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72576 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72618 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72629 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72536 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72553 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.7253 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72568 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.7258 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72604 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00725 |
| scoring_system |
epss |
| scoring_elements |
0.72587 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-36461 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-36461
|
| risk_score |
2.2 |
| exploitability |
0.5 |
| weighted_severity |
4.5 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-nrkb-pzcu-8ueg |
|
| 25 |
| url |
VCID-qhxc-w75p-kqaj |
| vulnerability_id |
VCID-qhxc-w75p-kqaj |
| summary |
An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-24919 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53445 |
| published_at |
2026-04-13T12:55:00Z |
|
| 1 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53387 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53413 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53382 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53434 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53429 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53478 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.00301 |
| scoring_system |
epss |
| scoring_elements |
0.53462 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.00882 |
| scoring_system |
epss |
| scoring_elements |
0.75433 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00882 |
| scoring_system |
epss |
| scoring_elements |
0.75438 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00882 |
| scoring_system |
epss |
| scoring_elements |
0.75444 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-24919 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| purl |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-172p-q6d5-9ya3 |
|
| 1 |
| vulnerability |
VCID-1xr6-n296-cyfd |
|
| 2 |
| vulnerability |
VCID-3g1d-2tvh-akh4 |
|
| 3 |
| vulnerability |
VCID-3qru-uxsd-e3c8 |
|
| 4 |
| vulnerability |
VCID-464s-8ex9-kqdz |
|
| 5 |
| vulnerability |
VCID-4s92-5es4-yka5 |
|
| 6 |
| vulnerability |
VCID-4uxg-fxv7-rua8 |
|
| 7 |
| vulnerability |
VCID-547a-p94b-6fep |
|
| 8 |
| vulnerability |
VCID-5nmy-hdh8-xbg1 |
|
| 9 |
| vulnerability |
VCID-5s7j-6aea-qucr |
|
| 10 |
| vulnerability |
VCID-5t3e-bfve-d3he |
|
| 11 |
| vulnerability |
VCID-673b-qsd3-e3hz |
|
| 12 |
| vulnerability |
VCID-6u3x-x7qt-g3fa |
|
| 13 |
| vulnerability |
VCID-76qf-8jm4-8kct |
|
| 14 |
| vulnerability |
VCID-7bzf-3c9x-8qc4 |
|
| 15 |
| vulnerability |
VCID-7f3g-hebk-3qad |
|
| 16 |
| vulnerability |
VCID-7yp1-231f-a3eq |
|
| 17 |
| vulnerability |
VCID-9jfn-6nvg-a3b6 |
|
| 18 |
| vulnerability |
VCID-9z8h-gg7t-b7f8 |
|
| 19 |
| vulnerability |
VCID-aetr-jrab-6fg5 |
|
| 20 |
| vulnerability |
VCID-b8tm-2187-wkhz |
|
| 21 |
| vulnerability |
VCID-batr-txtv-s3cf |
|
| 22 |
| vulnerability |
VCID-cdyd-79m9-pyhv |
|
| 23 |
| vulnerability |
VCID-cuqx-wxkd-nffa |
|
| 24 |
| vulnerability |
VCID-d7uk-h423-77f5 |
|
| 25 |
| vulnerability |
VCID-dej6-dxbp-a3bt |
|
| 26 |
| vulnerability |
VCID-ftt2-5jnt-9ye2 |
|
| 27 |
| vulnerability |
VCID-fxqr-51kp-3ber |
|
| 28 |
| vulnerability |
VCID-gp3f-yz9h-eqax |
|
| 29 |
| vulnerability |
VCID-gyqk-zsww-ykdj |
|
| 30 |
| vulnerability |
VCID-kx3g-p2zj-duaj |
|
| 31 |
| vulnerability |
VCID-mhx5-hcg2-wfc4 |
|
| 32 |
| vulnerability |
VCID-n5md-76wa-dbaa |
|
| 33 |
| vulnerability |
VCID-nrkb-pzcu-8ueg |
|
| 34 |
| vulnerability |
VCID-nyhx-57xy-wugc |
|
| 35 |
| vulnerability |
VCID-psak-h1x6-1kca |
|
| 36 |
| vulnerability |
VCID-qzp5-px2f-vqc8 |
|
| 37 |
| vulnerability |
VCID-qzzk-mcfu-sfhv |
|
| 38 |
| vulnerability |
VCID-r65p-6wkq-sfb9 |
|
| 39 |
| vulnerability |
VCID-r8yr-aet5-yydn |
|
| 40 |
| vulnerability |
VCID-ry8x-mjbp-qqct |
|
| 41 |
| vulnerability |
VCID-s1mb-1gsj-pbed |
|
| 42 |
| vulnerability |
VCID-sudd-unuw-wqa9 |
|
| 43 |
| vulnerability |
VCID-uh37-bv9z-1bdz |
|
| 44 |
| vulnerability |
VCID-uxdf-6tyd-rucd |
|
| 45 |
| vulnerability |
VCID-vkfp-asar-7bhw |
|
| 46 |
| vulnerability |
VCID-wczj-cv1m-7qce |
|
| 47 |
| vulnerability |
VCID-zc7p-7yts-5yae |
|
| 48 |
| vulnerability |
VCID-zrfp-skzu-cbet |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2022-24919
|
| risk_score |
0.9 |
| exploitability |
0.5 |
| weighted_severity |
1.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-qhxc-w75p-kqaj |
|
| 26 |
| url |
VCID-r65p-6wkq-sfb9 |
| vulnerability_id |
VCID-r65p-6wkq-sfb9 |
| summary |
JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29450 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00254 |
| scoring_system |
epss |
| scoring_elements |
0.48684 |
| published_at |
2026-04-04T12:55:00Z |
|
| 1 |
| value |
0.00254 |
| scoring_system |
epss |
| scoring_elements |
0.48662 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52434 |
| published_at |
2026-04-18T12:55:00Z |
|
| 3 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52369 |
| published_at |
2026-04-09T12:55:00Z |
|
| 4 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52419 |
| published_at |
2026-04-21T12:55:00Z |
|
| 5 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52403 |
| published_at |
2026-04-12T12:55:00Z |
|
| 6 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52389 |
| published_at |
2026-04-13T12:55:00Z |
|
| 7 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52428 |
| published_at |
2026-04-16T12:55:00Z |
|
| 8 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52321 |
| published_at |
2026-04-07T12:55:00Z |
|
| 9 |
| value |
0.00289 |
| scoring_system |
epss |
| scoring_elements |
0.52374 |
| published_at |
2026-04-08T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2023-29450 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2023-29450
|
| risk_score |
3.9 |
| exploitability |
0.5 |
| weighted_severity |
7.7 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-r65p-6wkq-sfb9 |
|
| 27 |
| url |
VCID-uu3f-3rbn-9fad |
| vulnerability_id |
VCID-uu3f-3rbn-9fad |
| summary |
An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-24918 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.0097 |
| scoring_system |
epss |
| scoring_elements |
0.76651 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.0097 |
| scoring_system |
epss |
| scoring_elements |
0.76569 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.0097 |
| scoring_system |
epss |
| scoring_elements |
0.76598 |
| published_at |
2026-04-04T12:55:00Z |
|
| 3 |
| value |
0.0097 |
| scoring_system |
epss |
| scoring_elements |
0.76578 |
| published_at |
2026-04-07T12:55:00Z |
|
| 4 |
| value |
0.0097 |
| scoring_system |
epss |
| scoring_elements |
0.7661 |
| published_at |
2026-04-08T12:55:00Z |
|
| 5 |
| value |
0.0097 |
| scoring_system |
epss |
| scoring_elements |
0.76621 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.0097 |
| scoring_system |
epss |
| scoring_elements |
0.76647 |
| published_at |
2026-04-11T12:55:00Z |
|
| 7 |
| value |
0.0097 |
| scoring_system |
epss |
| scoring_elements |
0.76627 |
| published_at |
2026-04-12T12:55:00Z |
|
| 8 |
| value |
0.0097 |
| scoring_system |
epss |
| scoring_elements |
0.76617 |
| published_at |
2026-04-13T12:55:00Z |
|
| 9 |
| value |
0.0097 |
| scoring_system |
epss |
| scoring_elements |
0.76659 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.0097 |
| scoring_system |
epss |
| scoring_elements |
0.76663 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-24918 |
|
| 1 |
|
| 2 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| purl |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-172p-q6d5-9ya3 |
|
| 1 |
| vulnerability |
VCID-1xr6-n296-cyfd |
|
| 2 |
| vulnerability |
VCID-3g1d-2tvh-akh4 |
|
| 3 |
| vulnerability |
VCID-3qru-uxsd-e3c8 |
|
| 4 |
| vulnerability |
VCID-464s-8ex9-kqdz |
|
| 5 |
| vulnerability |
VCID-4s92-5es4-yka5 |
|
| 6 |
| vulnerability |
VCID-4uxg-fxv7-rua8 |
|
| 7 |
| vulnerability |
VCID-547a-p94b-6fep |
|
| 8 |
| vulnerability |
VCID-5nmy-hdh8-xbg1 |
|
| 9 |
| vulnerability |
VCID-5s7j-6aea-qucr |
|
| 10 |
| vulnerability |
VCID-5t3e-bfve-d3he |
|
| 11 |
| vulnerability |
VCID-673b-qsd3-e3hz |
|
| 12 |
| vulnerability |
VCID-6u3x-x7qt-g3fa |
|
| 13 |
| vulnerability |
VCID-76qf-8jm4-8kct |
|
| 14 |
| vulnerability |
VCID-7bzf-3c9x-8qc4 |
|
| 15 |
| vulnerability |
VCID-7f3g-hebk-3qad |
|
| 16 |
| vulnerability |
VCID-7yp1-231f-a3eq |
|
| 17 |
| vulnerability |
VCID-9jfn-6nvg-a3b6 |
|
| 18 |
| vulnerability |
VCID-9z8h-gg7t-b7f8 |
|
| 19 |
| vulnerability |
VCID-aetr-jrab-6fg5 |
|
| 20 |
| vulnerability |
VCID-b8tm-2187-wkhz |
|
| 21 |
| vulnerability |
VCID-batr-txtv-s3cf |
|
| 22 |
| vulnerability |
VCID-cdyd-79m9-pyhv |
|
| 23 |
| vulnerability |
VCID-cuqx-wxkd-nffa |
|
| 24 |
| vulnerability |
VCID-d7uk-h423-77f5 |
|
| 25 |
| vulnerability |
VCID-dej6-dxbp-a3bt |
|
| 26 |
| vulnerability |
VCID-ftt2-5jnt-9ye2 |
|
| 27 |
| vulnerability |
VCID-fxqr-51kp-3ber |
|
| 28 |
| vulnerability |
VCID-gp3f-yz9h-eqax |
|
| 29 |
| vulnerability |
VCID-gyqk-zsww-ykdj |
|
| 30 |
| vulnerability |
VCID-kx3g-p2zj-duaj |
|
| 31 |
| vulnerability |
VCID-mhx5-hcg2-wfc4 |
|
| 32 |
| vulnerability |
VCID-n5md-76wa-dbaa |
|
| 33 |
| vulnerability |
VCID-nrkb-pzcu-8ueg |
|
| 34 |
| vulnerability |
VCID-nyhx-57xy-wugc |
|
| 35 |
| vulnerability |
VCID-psak-h1x6-1kca |
|
| 36 |
| vulnerability |
VCID-qzp5-px2f-vqc8 |
|
| 37 |
| vulnerability |
VCID-qzzk-mcfu-sfhv |
|
| 38 |
| vulnerability |
VCID-r65p-6wkq-sfb9 |
|
| 39 |
| vulnerability |
VCID-r8yr-aet5-yydn |
|
| 40 |
| vulnerability |
VCID-ry8x-mjbp-qqct |
|
| 41 |
| vulnerability |
VCID-s1mb-1gsj-pbed |
|
| 42 |
| vulnerability |
VCID-sudd-unuw-wqa9 |
|
| 43 |
| vulnerability |
VCID-uh37-bv9z-1bdz |
|
| 44 |
| vulnerability |
VCID-uxdf-6tyd-rucd |
|
| 45 |
| vulnerability |
VCID-vkfp-asar-7bhw |
|
| 46 |
| vulnerability |
VCID-wczj-cv1m-7qce |
|
| 47 |
| vulnerability |
VCID-zc7p-7yts-5yae |
|
| 48 |
| vulnerability |
VCID-zrfp-skzu-cbet |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2022-24918
|
| risk_score |
0.9 |
| exploitability |
0.5 |
| weighted_severity |
1.9 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-uu3f-3rbn-9fad |
|
| 28 |
| url |
VCID-wczj-cv1m-7qce |
| vulnerability_id |
VCID-wczj-cv1m-7qce |
| summary |
An administrator with restricted permissions can exploit the script execution functionality within the Monitoring Hosts section. The lack of default escaping for script parameters enabled this user ability to execute arbitrary code via the Ping script, thereby compromising infrastructure. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-22116 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65889 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65851 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65886 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65901 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65815 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65845 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65811 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65863 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65875 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65894 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00497 |
| scoring_system |
epss |
| scoring_elements |
0.65881 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-22116 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-22116
|
| risk_score |
2.5 |
| exploitability |
0.5 |
| weighted_severity |
5.0 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wczj-cv1m-7qce |
|
| 29 |
| url |
VCID-wfae-uyd7-ybc3 |
| vulnerability_id |
VCID-wfae-uyd7-ybc3 |
| summary |
Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it. In this way, any user will not be able to access the Zabbix Frontend while it is being maintained and possible sensitive data will be prevented from being disclosed. An attacker can bypass this protection and access the instance using IP address not listed in the defined range. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2022-43515 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31727 |
| published_at |
2026-04-08T12:55:00Z |
|
| 1 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31813 |
| published_at |
2026-04-02T12:55:00Z |
|
| 2 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31684 |
| published_at |
2026-04-13T12:55:00Z |
|
| 3 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.3172 |
| published_at |
2026-04-12T12:55:00Z |
|
| 4 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.3176 |
| published_at |
2026-04-11T12:55:00Z |
|
| 5 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31757 |
| published_at |
2026-04-09T12:55:00Z |
|
| 6 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31857 |
| published_at |
2026-04-04T12:55:00Z |
|
| 7 |
| value |
0.00125 |
| scoring_system |
epss |
| scoring_elements |
0.31676 |
| published_at |
2026-04-07T12:55:00Z |
|
| 8 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39644 |
| published_at |
2026-04-21T12:55:00Z |
|
| 9 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39757 |
| published_at |
2026-04-16T12:55:00Z |
|
| 10 |
| value |
0.00181 |
| scoring_system |
epss |
| scoring_elements |
0.39728 |
| published_at |
2026-04-18T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2022-43515 |
|
| 1 |
|
| 2 |
|
| 3 |
|
| 4 |
|
|
| fixed_packages |
| 0 |
|
| 1 |
|
| 2 |
|
| 3 |
| url |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| purl |
pkg:deb/debian/zabbix@1:6.0.14%2Bdfsg-1?distro=trixie |
| is_vulnerable |
true |
| affected_by_vulnerabilities |
| 0 |
| vulnerability |
VCID-172p-q6d5-9ya3 |
|
| 1 |
| vulnerability |
VCID-1xr6-n296-cyfd |
|
| 2 |
| vulnerability |
VCID-3g1d-2tvh-akh4 |
|
| 3 |
| vulnerability |
VCID-3qru-uxsd-e3c8 |
|
| 4 |
| vulnerability |
VCID-464s-8ex9-kqdz |
|
| 5 |
| vulnerability |
VCID-4s92-5es4-yka5 |
|
| 6 |
| vulnerability |
VCID-4uxg-fxv7-rua8 |
|
| 7 |
| vulnerability |
VCID-547a-p94b-6fep |
|
| 8 |
| vulnerability |
VCID-5nmy-hdh8-xbg1 |
|
| 9 |
| vulnerability |
VCID-5s7j-6aea-qucr |
|
| 10 |
| vulnerability |
VCID-5t3e-bfve-d3he |
|
| 11 |
| vulnerability |
VCID-673b-qsd3-e3hz |
|
| 12 |
| vulnerability |
VCID-6u3x-x7qt-g3fa |
|
| 13 |
| vulnerability |
VCID-76qf-8jm4-8kct |
|
| 14 |
| vulnerability |
VCID-7bzf-3c9x-8qc4 |
|
| 15 |
| vulnerability |
VCID-7f3g-hebk-3qad |
|
| 16 |
| vulnerability |
VCID-7yp1-231f-a3eq |
|
| 17 |
| vulnerability |
VCID-9jfn-6nvg-a3b6 |
|
| 18 |
| vulnerability |
VCID-9z8h-gg7t-b7f8 |
|
| 19 |
| vulnerability |
VCID-aetr-jrab-6fg5 |
|
| 20 |
| vulnerability |
VCID-b8tm-2187-wkhz |
|
| 21 |
| vulnerability |
VCID-batr-txtv-s3cf |
|
| 22 |
| vulnerability |
VCID-cdyd-79m9-pyhv |
|
| 23 |
| vulnerability |
VCID-cuqx-wxkd-nffa |
|
| 24 |
| vulnerability |
VCID-d7uk-h423-77f5 |
|
| 25 |
| vulnerability |
VCID-dej6-dxbp-a3bt |
|
| 26 |
| vulnerability |
VCID-ftt2-5jnt-9ye2 |
|
| 27 |
| vulnerability |
VCID-fxqr-51kp-3ber |
|
| 28 |
| vulnerability |
VCID-gp3f-yz9h-eqax |
|
| 29 |
| vulnerability |
VCID-gyqk-zsww-ykdj |
|
| 30 |
| vulnerability |
VCID-kx3g-p2zj-duaj |
|
| 31 |
| vulnerability |
VCID-mhx5-hcg2-wfc4 |
|
| 32 |
| vulnerability |
VCID-n5md-76wa-dbaa |
|
| 33 |
| vulnerability |
VCID-nrkb-pzcu-8ueg |
|
| 34 |
| vulnerability |
VCID-nyhx-57xy-wugc |
|
| 35 |
| vulnerability |
VCID-psak-h1x6-1kca |
|
| 36 |
| vulnerability |
VCID-qzp5-px2f-vqc8 |
|
| 37 |
| vulnerability |
VCID-qzzk-mcfu-sfhv |
|
| 38 |
| vulnerability |
VCID-r65p-6wkq-sfb9 |
|
| 39 |
| vulnerability |
VCID-r8yr-aet5-yydn |
|
| 40 |
| vulnerability |
VCID-ry8x-mjbp-qqct |
|
| 41 |
| vulnerability |
VCID-s1mb-1gsj-pbed |
|
| 42 |
| vulnerability |
VCID-sudd-unuw-wqa9 |
|
| 43 |
| vulnerability |
VCID-uh37-bv9z-1bdz |
|
| 44 |
| vulnerability |
VCID-uxdf-6tyd-rucd |
|
| 45 |
| vulnerability |
VCID-vkfp-asar-7bhw |
|
| 46 |
| vulnerability |
VCID-wczj-cv1m-7qce |
|
| 47 |
| vulnerability |
VCID-zc7p-7yts-5yae |
|
| 48 |
| vulnerability |
VCID-zrfp-skzu-cbet |
|
|
| resource_url |
http://public2.vulnerablecode.io/packages/pkg:deb/debian/zabbix@1:6.0.14%252Bdfsg-1%3Fdistro=trixie |
|
| 4 |
|
| 5 |
|
|
| aliases |
CVE-2022-43515
|
| risk_score |
2.4 |
| exploitability |
0.5 |
| weighted_severity |
4.8 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-wfae-uyd7-ybc3 |
|
| 30 |
| url |
VCID-zrfp-skzu-cbet |
| vulnerability_id |
VCID-zrfp-skzu-cbet |
| summary |
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding sysmapelementurlid + 1. This action prevents others from adding URLs to the map element. |
| references |
| 0 |
| reference_url |
https://api.first.org/data/v1/epss?cve=CVE-2024-22117 |
| reference_id |
|
| reference_type |
|
| scores |
| 0 |
| value |
0.00057 |
| scoring_system |
epss |
| scoring_elements |
0.17788 |
| published_at |
2026-04-21T12:55:00Z |
|
| 1 |
| value |
0.00057 |
| scoring_system |
epss |
| scoring_elements |
0.17795 |
| published_at |
2026-04-13T12:55:00Z |
|
| 2 |
| value |
0.00057 |
| scoring_system |
epss |
| scoring_elements |
0.1774 |
| published_at |
2026-04-16T12:55:00Z |
|
| 3 |
| value |
0.00057 |
| scoring_system |
epss |
| scoring_elements |
0.1775 |
| published_at |
2026-04-18T12:55:00Z |
|
| 4 |
| value |
0.00057 |
| scoring_system |
epss |
| scoring_elements |
0.1797 |
| published_at |
2026-04-02T12:55:00Z |
|
| 5 |
| value |
0.00057 |
| scoring_system |
epss |
| scoring_elements |
0.18024 |
| published_at |
2026-04-04T12:55:00Z |
|
| 6 |
| value |
0.00057 |
| scoring_system |
epss |
| scoring_elements |
0.17723 |
| published_at |
2026-04-07T12:55:00Z |
|
| 7 |
| value |
0.00057 |
| scoring_system |
epss |
| scoring_elements |
0.17811 |
| published_at |
2026-04-08T12:55:00Z |
|
| 8 |
| value |
0.00057 |
| scoring_system |
epss |
| scoring_elements |
0.17871 |
| published_at |
2026-04-09T12:55:00Z |
|
| 9 |
| value |
0.00057 |
| scoring_system |
epss |
| scoring_elements |
0.17887 |
| published_at |
2026-04-11T12:55:00Z |
|
| 10 |
| value |
0.00057 |
| scoring_system |
epss |
| scoring_elements |
0.17844 |
| published_at |
2026-04-12T12:55:00Z |
|
|
| url |
https://api.first.org/data/v1/epss?cve=CVE-2024-22117 |
|
| 1 |
|
| 2 |
|
| 3 |
|
|
| fixed_packages |
|
| aliases |
CVE-2024-22117
|
| risk_score |
0.7 |
| exploitability |
0.5 |
| weighted_severity |
1.4 |
| resource_url |
http://public2.vulnerablecode.io/vulnerabilities/VCID-zrfp-skzu-cbet |
|