Pavel Voit

**Name of the Vulnerable Software and Affected Versions** Zabbix versions 6.0.30 through 6.0.30, 6.4.15, and 7.0.0 **Description** The issue is related to the ability to directly modify memory pointers in the JavaScript engine within Zabbix. This could allow a remote attacker to execute arbitrary code. **Recommendations** For Zabbix versions 6.0.30, 6.4.15, and 7.0.0, upgrade to newer versions, such as 6.0.31rc1, 6.4.16rc1, or 7.0.1rc1, respectively, to safeguard resources.

**Name of the Vulnerable Software and Affected Versions** Zabbix (affected versions not specified) **Description** The issue is related to incorrect permission assignment for a critical resource in the Zabbix monitoring system. Exploitation of this issue may allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service. Additionally, there is a problem with a memory pointer in a property of the Ducktape object, which can lead to vulnerabilities related to direct memory access and manipulation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.