6 results (0.005 seconds)

CVSS: 6.5EPSS: %CPEs: 4EXPL: 0

The implementation of atob in "Zabbix JS" allows to create a string with arbitrary content and use it to access internal properties of objects. • https://support.zabbix.com/browse/ZBX-25611 • CWE-767: Access to Critical Private Variable via Public Method •

CVSS: 2.2EPSS: %CPEs: 3EXPL: 0

When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding sysmapelementurlid + 1. This action prevents others from adding URLs to the map element. • https://support.zabbix.com/browse/ZBX-25610 • CWE-20: Improper Input Validation •

CVSS: 5.5EPSS: 0%CPEs: 10EXPL: 1

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section. La causa de la vulnerabilidad es la validación inadecuada del campo de entrada del formulario "Nombre" en la página Gráfico en la sección Elementos. • https://lists.debian.org/debian-lts-announce/2024/04/msg00020.html https://support.zabbix.com/browse/ZBX-24070 • CWE-20: Improper Input Validation CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.1EPSS: 0%CPEs: 6EXPL: 0

Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation. El puntero de memoria está en una propiedad del objeto Ducktape. Esto conduce a múltiples vulnerabilidades relacionadas con el acceso directo y la manipulación de la memoria. • https://support.zabbix.com/browse/ZBX-23391 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 9.6EPSS: 0%CPEs: 5EXPL: 0

The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open. El módulo zabbix/src/libs/zbxjson es vulnerable a un desbordamiento del búfer al analizar archivos JSON a través de zbx_json_open. • https://support.zabbix.com/browse/ZBX-23390 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •