Vulnerabilities > Zabbix > Zabbix > 5.0.25
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-22114 | Improper Preservation of Permissions vulnerability in Zabbix User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard. | 4.3 |
| 2024-08-12 | CVE-2024-22121 | Improper Preservation of Permissions vulnerability in Zabbix A non-admin user can change or remove important features within the Zabbix Agent application, thus impacting the integrity and availability of the application. | 6.1 |
| 2024-08-12 | CVE-2024-22122 | Command Injection vulnerability in Zabbix Zabbix allows to configure SMS notifications. | 9.1 |
| 2024-08-12 | CVE-2024-22123 | Code Injection vulnerability in Zabbix Setting SMS media allows to set GSM modem file. | 2.7 |
| 2024-08-12 | CVE-2024-36460 | Insufficiently Protected Credentials vulnerability in Zabbix The front-end audit log allows viewing of unprotected plaintext passwords, where the passwords are displayed in plain text. | 8.1 |
| 2024-02-09 | CVE-2024-22119 | Cross-site Scripting vulnerability in Zabbix The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section. | 5.4 |
| 2023-10-12 | CVE-2023-32721 | Cross-site Scripting vulnerability in Zabbix A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL. | 5.4 |
| 2023-10-12 | CVE-2023-32724 | Incorrect Permission Assignment for Critical Resource vulnerability in Zabbix Memory pointer is in a property of the Ducktape object. | 8.8 |
| 2023-07-13 | CVE-2023-29451 | Out-of-bounds Write vulnerability in Zabbix Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy. | 7.5 |
| 2023-07-13 | CVE-2023-29449 | Allocation of Resources Without Limits or Throttling vulnerability in Zabbix JavaScript preprocessing, webhooks and global scripts can cause uncontrolled CPU, memory, and disk I/O utilization. | 4.9 |