SUSE-SU-2026:1037-1 Security update for grafana

This update for grafana fixes the following issues: - Security issues fixed: - CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled bsc1258136 - CVE-2026-21721: Fixed access control by the dashboard permissions API bsc1257337 - CVE-2026-21720: Fixed...

CVE-2006-3415

Tor before 0.1.1.20 uses improper logic to validate the "OR" destination, which allows remote attackers to perform a man-in-the-middle MITM attack via unspecified vectors...

SUSE-SU-2025:4482-1 Security update for grafana

This update for grafana fixes the following issues: grafana was updated from version 11.5.5 to 11.5.10: - Security issues fixed: CVE-2025-64751: Dropped experimental implementation of authorization Zanzana server/client version 11.5.10 bsc1254113 CVE-2025-47911: Fixed parsing HTML documents versi...

VulnCheck KEV: CVE-2025-3415

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...

Linux Distros Unpatched Vulnerability : CVE-2025-3415

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed t...

Grafana Labs Integration URL Exposed to Viewers (CVE-2025-3415)

The version of Grafana Labs installed on the remote host is affected by a vulnerability as referenced in the CVE-2025-3415 advisory. - Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to...

CVE-2025-3415

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...

grafana-11.6.3-1.1 on GA media (moderate)

grafana-11.6.3-1.1 on GA media Announcement ID: openSUSE-SU-2025:15226-1 Rating: moderate Cross-References: CVE-2025-1088 CVE-2025-3415 CVSS scores: CVE-2025-1088 SUSE : 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L CVE-2025-1088 SUSE : 5.1...

CVE-2025-3415

creationtimestamp| type| source ---|---|--- 2025-06-13 10:38:04+00:00| seen| https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3lriam2o24q2c 2025-06-13 10:38:05+00:00| seen| https://bsky.app/profile/nixpkgssecuritychanges.gerbet.me/post/3lriam2wsu42t 2025-06-13 12:05:56+00:00| seen|...

CVE-2024-3415

creationtimestamp| type| source ---|---|--- 2025-02-14 10:01:40+00:00| seen| Telegram/-GKO73mFPjK58LoGxz4PLhhRQzxNiiYSfY9LaztXGM2R804b...

CVE-2016-3415

creationtimestamp| type| source ---|---|--- 2024-01-06 18:14:37+00:00| seen| https://t.me/arpsyndicate/2567...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-3415)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-3415-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-3415 Chat Bubble < 2.3 - Unauthenticated Stored Cross-Site Scripting

The Chat Bubble WordPress plugin before 2.3 does not sanitise and escape some contact parameters, which could allow unauthenticated attackers to set Stored Cross-Site Scripting payloads in them, which will trigger when an admin view the related contact message...

CVE-2022-3415

CVE-2022-3415 affects the WordPress Chat Bubble plugin prior to version 2.3. The issue is an unauthenticated Stored Cross-Site Scripting (XSS) vulnerability caused by improper sanitisation/escaping of certain contact parameters, which can trigger when an admin views the related contact message. A...

Ubuntu: Security Advisory (USN-3415-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 15 Security Update : sqlite3 (openSUSE-SU-2021:1058-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1058-1 advisory. - SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to...

SUSE: Security Advisory (SUSE-SU-2020:3415-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-3415

Cisco NX-OS Software Data Management Engine (DME) remote code execution vulnerability (CVE-2020-3415) allows an unauthenticated, Layer 2-adjacent attacker to execute arbitrary code with administrative privileges or trigger DoS by sending crafted Cisco Discovery Protocol packets. Root cause: insuf...

Cisco Patches 'High-Severity' Bugs Impacting Switches, Fibre Storage

Cisco Systems disclosed eight high-severity bugs impacting a range of its networking gear, including its switches and fiber storage solutions. Cisco’s NX-OS was hardest hit, with six security alerts tied to the network operating system that underpins the networking giant’s Nexus-series Ethernet...