
13 matches found

IBM Security Bulletins
added 2025/07/29 9:08 p.m., 3 views

Security Bulletin: IBM Storage Ceph is vulnerable to the Authorization Bypass Through User-Controlled Key in Grafana (CVE-2024-10452)

Summary: Grafana is used by IBM Storage Ceph as a metrics dashboard. This bulletin identifies the steps to take to address the vulnerability in Grafana. CVE-2024-10452. Vulnerability Details: CVEID: CVE-2024-10452. DESCRIPTION: Organization admins can delete pending invites created in an organization...

CVSS 2.7, AI score 6.7, EPSS 0.00216
Exploits: 0, Affected Software: 1
OpenVAS
added 2024/11/09 12:00 a.m., 29 views

openSUSE Security Advisory (SUSE-SU-2024:3950-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9, AI score 7, EPSS 0.03913
Exploits: 4, References: 3
Circl
added 2024/10/29 6:07 p.m., 3 views

CVE-2024-10452

creationtimestamp | type | source
---|---|---
2024-10-29 18:07:29+00:00 | seen | https://t.me/cvedetector/9343...

CVSS 2.7, AI score 6.1, EPSS 0.00216
Exploits: 0, References: 1
RedhatCVE
added 2024/10/29 5:26 p.m., 17 views

CVE-2024-10452

A flaw was found in Grafana. Organization administrators may be able to delete pending invites created in organizations they are not a part of...

CVSS 2.2, AI score 3.5, EPSS 0.00216
Exploits: 0, References: 4
OSV
added 2024/10/29 4:15 p.m., 14 views

CVE-2024-10452

Organization admins can delete pending invites created in an organization they are not part of...

CVSS 2.7, AI score 3.5, EPSS 0.00216
Exploits: 0, References: 1
NVD
added 2024/10/29 4:15 p.m., 12 views

CVE-2024-10452

Organization admins can delete pending invites created in an organization they are not part of...

CVSS 2.7, EPSS 0.00216
Exploits: 0, References: 1
UbuntuCve
added 2024/10/29 4:15 p.m., 8 views

CVE-2024-10452

Organization admins can delete pending invites created in an organization they are not part of...

CVSS 2.7, AI score 6.7, EPSS 0.00216
Exploits: 0, References: 2
OSV
added 2020/03/12 2:15 p.m., 2 views

CVE-2020-10452

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/save-article.php by adding a question mark ? followed by the payload...

CVSS 4.8, AI score 5.9, EPSS 0.00321
Exploits: 3, References: 2
CVE
added 2020/03/12 1:05 p.m., 37 views

CVE-2020-10452

CVE-2020-10452 concerns Chadha PHPKB Standard Multi-Language 9. Reflected XSS via URIs processed in admin/header.php, enabling injection of script/HTML when an attacker crafts a URI that is passed to admin/add-article.php/save-article.php (and related admin pages as per connected Red Hat advisori...

CVSS 4.8, AI score 4.9, EPSS 0.00321
Exploits: 1, References: 2, Affected Software: 1
CNVD
added 2020/02/11 12:00 a.m., 0 views

F5 BIG-IP Input Validation Error Vulnerability (CNVD-2020-10452)

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A security vulnerability exists in F5 BIG-IP. The vulnerability stems from a network system or product that does not properly...

CVSS 7.5, AI score 6.9, EPSS 0.00891
Exploits: 0, References: 1
CVE
added 2019/10/16 1:00 p.m., 50 views

CVE-2019-10452

CVE-2019-10452 affects the Jenkins View26 Test-Reporting Plugin, where credentials are stored unencrypted in job config.xml on the Jenkins controller/master. This plaintext storage can be read by users with Extended Read permission or with access to the master/controller filesystem, increasing ri...

CVSS 4.3, AI score 4.5, EPSS 0.00023
Exploits: 0, References: 1, Affected Software: 1
CVE
added 2018/04/18 2:00 p.m., 50 views

CVE-2016-10452

CVE-2016-10452 affects Android environments on Qualcomm Snapdragon Automotive and Snapdragon Mobile (SD 410/12, 425, 430, 450, 615/16/415, 617, 625, 650/52, 808, 810, 820, 820A, 835). Root cause: memory protection assertion occurs after out-of-order termination of a trusted application (TA). Impac...

CVSS 10, AI score 8.6, EPSS 0.00296
Exploits: 0, References: 2, Affected Software: 1
Tenable Nessus
added 2015/03/24 12:00 a.m., 18 views

SuSE 11.3 Security Update : util-linux (SAT Patch Number 10452)

util-linux has been updated to fix one security issue : - command injection flaw in blkid bnc907434. Additionally, these non-security issues have been fixed :. CVE-2014-9114 - Fix possible script hang. bnc888678 - Enable build of libmount / findmnt. bnc900965 - Don't stop trying filesystem when...

CVSS 7.8, AI score 7.1, EPSS 0.00132
Exploits: 0, References: 8