| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-36462 | Allocation of resources without limits or throttling (uncontrolled resource consumption) | Zabbix | Zabbix | High | 7.5 | 2024-08-09 09:40:33 | Deep Dive |
| CVE-2024-36461 | Direct access to memory pointers within the JS engine for modification | Zabbix | Zabbix | Critical | 9.1 | 2024-08-09 09:33:40 | Deep Dive |
| CVE-2024-36460 | Front-end audit log shows passwords in plaintext | Zabbix | Zabbix | High | 8.1 | 2024-08-09 09:28:13 | Deep Dive |
| CVE-2024-22122 | AT(GSM) Command Injection | Zabbix | Zabbix | Low | 3.0 | 2024-08-09 08:46:21 | Deep Dive |
| CVE-2024-22121 | Zabbix Agent MSI Installer Allows Non-Admin User to Access Change Option via msiexec.exe | Zabbix | Zabbix | Medium | 6.1 | 2024-08-09 08:34:47 | Deep Dive |
| CVE-2024-22120 | Time Based SQL Injection in Zabbix Server Audit Log | Zabbix | Zabbix | Critical | 9.1 | 2024-05-17 09:53:53 | Deep Dive |
| CVE-2024-22119 | Stored XSS in graph items select form | Zabbix | Zabbix | Medium | 5.5 | 2024-02-09 08:26:20 | Deep Dive |
| CVE-2023-32728 | Code injection in zabbix_agent2 smart.disk.get caused by smartctl plugin | Zabbix | Zabbix | Medium | 4.6 | 2023-12-18 09:19:52 | Deep Dive |
| CVE-2023-32727 | Code execution vulnerability in icmpping | Zabbix | Zabbix | Medium | 6.8 | 2023-12-18 09:18:48 | Deep Dive |
| CVE-2023-32726 | Possible buffer overread from reading DNS responses | Zabbix | Zabbix | Low | 3.9 | 2023-12-18 09:17:48 | Deep Dive |
| CVE-2023-32725 | Leak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget. | Zabbix | Zabbix | Critical | 9.6 | 2023-12-18 09:15:24 | Deep Dive |
| CVE-2023-32724 | JavaScript engine memory pointers are directly available for Zabbix users for modification | Zabbix | Zabbix | Critical | 9.1 | 2023-10-12 06:14:46 | Deep Dive |
| CVE-2023-32723 | Inefficient permission check in class CControllerAuthenticationUpdate | Zabbix | Zabbix | High | 8.5 | 2023-10-12 06:11:27 | Deep Dive |
| CVE-2023-32722 | Stack-buffer Overflow in library module zbxjson | Zabbix | Zabbix | Critical | 9.6 | 2023-10-12 06:06:52 | Deep Dive |
| CVE-2023-32721 | Stored XSS in Maps element | Zabbix | Zabbix | High | 7.6 | 2023-10-12 06:04:10 | Deep Dive |
| CVE-2023-29453 | Agent 2 package are built with Go version affected by CVE-2023-24538 | Zabbix | Zabbix | Critical | 9.8 | 2023-10-12 05:50:20 | Deep Dive |
| CVE-2023-29457 | Insufficient validation of Action form input fields | Zabbix | Zabbix | Medium | 6.3 | 2023-07-13 09:35:25 | Deep Dive |
| CVE-2023-29458 | Duktape 2.6 bug crashes JavaScript putting too many values in valstack. | Zabbix | Zabbix | Medium | 5.9 | 2023-07-13 09:33:46 | Deep Dive |
| CVE-2023-29456 | Inefficient URL schema validation | Zabbix | Zabbix | Medium | 5.7 | 2023-07-13 09:33:33 | Deep Dive |
| CVE-2023-29455 | Reflected XSS in several fields of graph form | Zabbix | Zabbix | Medium | 5.4 | 2023-07-13 09:33:19 | Deep Dive |