GCVE - cpe:2.3:a:zabbix:zabbix:1.8.10:rc1:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:zabbix:zabbix:1.8.10:rc1:*:*:*:*:*:*

part: a version: 1.8.10 update: rc1

Vendor	Zabbix (`8857f8ff-2020-5e62-b9b7-687960752062`)
Product	Zabbix (`ff27d8f3-5575-5d69-ac0d-7d8e9faa4e83`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:docker/zabbix/zabbix-agent`	purl2cpe	2026-06-01 10:13:01.778441
`pkg:github/zabbix/zabbix`	purl2cpe	2026-06-01 10:13:01.778443
`pkg:rpm/fedora/zabbix`	purl2cpe	2026-06-01 10:13:01.778445
`pkg:rpm/opensuse/zabbix`	purl2cpe	2026-06-01 10:13:01.778446
`pkg:zabbix/zbx/zabbix`	purl2cpe	2026-06-01 10:13:01.778448

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2012-6086`	vulnerable	2026-06-08 05:02:59.321269	Details available libs/zbxmedia/eztexting.c in Zabbix 1.8.x before 1.8.18rc1, 2.0.x before 2.0.8rc1, and 2.1.x before 2.1.2 does not properly set the CURLOPT_SSL_VERIFYHOST option for libcurl, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate. Published: 2014-01-29T18:00:00.000Z Updated: 2024-08-06T21:21:28.456Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/57103 https://support.zabbix.com/browse/ZBX-5924 http://www.openwall.com/lists/oss-security/2013/01/03/1	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-5027`	vulnerable	2026-06-08 04:59:34.213245	Details available Cross-site scripting (XSS) vulnerability in ZABBIX before 1.8.10 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the profiler. Published: 2011-12-29T22:00:00.000Z Updated: 2024-08-07T00:23:39.389Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/51093 http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071660.html https://support.zabbix.com/browse/ZBX-4015 http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071687.html http://osvdb.org/77772	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2011-4615`	vulnerable	2026-06-08 04:59:32.308831	Details available Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter (aka host groups name) to (1) hostgroups.php and (2) usergrps.php, the update action to (3) hosts.php and (4) scripts.php, and (5) maintenance.php. Published: 2011-12-29T22:00:00.000Z Updated: 2024-08-07T00:09:19.538Z Open on db.gcve.eu Reference links http://osvdb.org/77771 http://www.securityfocus.com/bid/51093 http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071660.html https://support.zabbix.com/browse/ZBX-4015 http://lists.fedoraproject.org/pipermail/package-announce/2012-January/071687.html	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.