VDB

GCVE-110-NCSC-2024-462

GCVE-110-NCSC-2024-462
Advisory PublishedCVSS 2.7/10
Vulnetix · Advisory published December 2, 2024
Zabbix heeft kwetsbaarheden verholpen in de Zabbix server en frontend.

Weaknesses (CWE)

CWE-256Plaintext Storage of a PasswordCWE-290Authentication Bypass by SpoofingCWE-121Stack-based Buffer OverflowCWE-416Use After FreeCWE-89Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')CWE-690Unchecked Return Value to NULL Pointer DereferenceCWE-134Use of Externally-Controlled Format StringCWE-74Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')CWE-126Buffer Over-read

Risk Scores

CVSS 3.1
2.7/10
Low · CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Affected Products

VendorProductVersionsPlatforms
zabbixzabbix
zabbixfrontend

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

73,053 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›