zabbix (SUSE:Linux Enterprise Server for SAP Applications 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server for SAP Applications 12 SP5 package zabbix, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (11)
CVE-2021-27927 — CVSS 8.8 (high): In Zabbix from 4.0.x before 4.0.28rc1, 5.0.0alpha1 before 5.0.10rc1, 5.2.x before 5.2.6rc1, and 5.4.0alpha1 before 5.4.0beta2, the…
CVE-2023-29450 — CVSS 8.5 (high): JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on…
CVE-2020-15803 — CVSS 6.1 (medium): Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL…
CVE-2024-22119 — CVSS 5.5 (medium): The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section.
CVE-2022-43515 — CVSS 5.3 (medium): Zabbix Frontend provides a feature that allows admins to maintain the installation and ensure that only certain IP addresses can access it…
CVE-2022-24349 — CVSS 4.6 (medium): An authenticated user can create a link with reflected XSS payload for actions’ pages, and send it to other users. Malicious code has…
CVE-2022-24918 — CVSS 3.7 (low): An authenticated user can create a link with reflected Javascript code inside it for items’ page and send it to other users. The payload…
CVE-2022-24919 — CVSS 3.7 (low): An authenticated user can create a link with reflected Javascript code inside it for graphs’ page and send it to other users. The payload…
CVE-2022-35230 — CVSS 3.7 (low): An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. The…
CVE-2022-24917 — CVSS 3.7 (low): An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The…