AlmaLinux 10 : kernel (ALSA-2026:9264)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:9264 advisory. kernel: net/sched: Make cakeenqueue return NETXMITCN when past bufferlimit CVE-2025-39766 kernel: scsi: qla2xxx: Fix improper freeing of purex item...

RHSA-2026:9264 Red Hat Security Advisory: kernel security update

Bulletin has no description...

CVE-2024-9264 vulnerabilities

Vulnerabilities for packages: grafana...

CVE-2025-9264

A vulnerability was found in Xuxueli xxl-job up to 3.1.1. Affected by this issue is the function remove of the file /src/main/java/com/xxl/job/admin/controller/JobInfoController.java of the component Jobs Handler. Performing manipulation of the argument ID results in improper control of resource...

CVE-2025-9264

A vulnerability was found in Xuxueli xxl-job up to 3.1.1. Affected by this issue is the function remove of the file /src/main/java/com/xxl/job/admin/controller/JobInfoController.java of the component Jobs Handler. Performing manipulation of the argument ID results in improper control of resource...

Exploit for Code Injection in Grafana

CVE-2024-9264 Authenticated RCE in Grafana v11.0 via SQL Exp...

Exploit for Code Injection in Grafana

CVE-2024-92...

SUSE SLES15 / openSUSE 15 Security Update : grafana (SUSE-SU-2025:01991-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01991-1 advisory. grafana was updated from version 10.4.15 to 11.5.5 jscPED-12918: - Security issues fixed: CVE-2025-4123: Fix cross-site scriptin...

Security update for grafana

This update for grafana fixes the following issues: grafana was updated from version 10.4.15 to 11.5.5 jscPED-12918: Security issues fixed: CVE-2025-4123: Fix cross-site scripting vulnerability bsc1243714. CVE-2025-22872: Bump golang.org/x/net/html bsc1241809 CVE-2025-3580: Prevent unauthorized...

Exploit for Code Injection in Grafana

🛠️ CVE-2024-9264 - Fixed Grafana RCE Exploit This is a fixe...

Exploit for Code Injection in Grafana

🚨 CVE-2024-9264 - Grafana SQL injection leading to Remote Code...

CVE-2019-9264

In libxaac there is a possible out of bounds read due to missing bounds check. This could lead to information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116774502...

Grafana Labs SQL expressions allowing for RCE (CVE-2024-9264)

The version of Grafana Labs installed on the remote host is affected by a vulnerability as referenced in the CVE-2024-9264 advisory. - The SQL Expressions experimental feature of Grafana allows for the evaluation of 'duckdb' queries containing user input. These queries are insufficiently sanitize...

openSUSE Security Advisory (SUSE-SU-2024:3911-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

grafana-11.3.0-1.1 on GA media (moderate)

grafana-11.3.0-1.1 on GA media Announcement ID: openSUSE-SU-2024:14431-1 Rating: moderate Cross-References: CVE-2024-8118 CVE-2024-9264 CVSS scores: CVE-2024-8118 SUSE : 4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L CVE-2024-9264 SUSE : 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H...

Palo Alto Expedition < 1.2.96 Multiple Vulnerabilties

Palo Alto Expedition versions before 1.2.96 suffer from multiple vulnerabilities: - An unauthenticated OS command Injection vulnerability through the /API/convertCSVtoParquet.php endpoint CVE-2024-9264 - An authenticated OS command injection vulnerability CVE-2024-9464 - An unauthenticated SQL...

Exploit for Code Injection in Grafana

File-Read-CVE-2024-9264 Proof Of Concept for File Read in Graf...

Exploit for Code Injection in Grafana

CVE-2024-9264 Grafana Post-Auth DuckDB SQL Injection RCE...

CVE-2024-9264 vulnerabilities

Vulnerabilities for packages: grafana-fips, grafana...

CVE-2024-9264

The SQL Expressions experimental feature of Grafana allows for the evaluation of duckdb queries containing user input. These queries are insufficiently sanitized before being passed to duckdb, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or highe...