22 matches found

NVD
added 6 days ago, 9 views

CVE-2026-57955

SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers to execute arbitrary ClickHouse queries by injecting URL-encoded quotes into the rule ID path parameter of the alert-history endpoints. Attackers can manipulate the unsanitized rule ID interpolated...

8.5 CVSS, 0.00235 EPSS
Exploits: 0, References: 2
CVE
added 6 days ago, 11 views

CVE-2026-57955

SigNoz versions up to 0.130.1 are affected by a SQL injection in the alert-history endpoints. The issue arises from unsanitized rule ID interpolation into ClickHouse queries, allowing authenticated attackers to inject URL-encoded quotes via the rule ID path parameter. The consequence is potential...

8.5 CVSS, 6.1 AI score, 0.00235 EPSS
Exploits: 0, References: 2
Cvelist
added 6 days ago, 34 views

CVE-2026-57955 SigNoz 0.130.1 - SQL Injection in Alert History Endpoints via Rule ID Parameter

SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers to execute arbitrary ClickHouse queries by injecting URL-encoded quotes into the rule ID path parameter of the alert-history endpoints. Attackers can manipulate the unsanitized rule ID interpolated...

8.5 CVSS, 0.00235 EPSS
Exploits: 0, References: 2
EUVD
added 6 days ago, 7 views

EUVD-2026-40140

SigNoz through 0.130.1 contains a SQL injection vulnerability that allows authenticated attackers to execute arbitrary ClickHouse queries by injecting URL-encoded quotes into the rule ID path parameter of the alert-history endpoints. Attackers can manipulate the unsanitized rule ID interpolated...

8.5 CVSS, 6.1 AI score, 0.00235 EPSS
Exploits: 0, References: 2
SUSE Linux
added 2026/03/25 10:31 a.m., 7 views

Security update for grafana

This update for grafana fixes the following issues: Security issues fixed: CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled bsc1258136 CVE-2026-21721: Fixed access control by the dashboard permissions API bsc1257337 CVE-2026-21720: Fixed...

8.7 CVSS, 5.8 AI score, 0.0089 EPSS
Exploits: 1, References: 22
RedhatCVE
added 2025/05/22 8:36 p.m., 4 views

CVE-2021-35478

Nagios Log Server before 2.1.9 contains Reflected XSS in the dropdown box for the alert history and audit log function. All parameters used for filtering are affected. This affects users who open a crafted link or third-party web page...

5.4 CVSS, 6.1 AI score, 0.76624 EPSS
Exploits: 2, References: 1
CNNVD
added 2025/03/20 12:0 a.m., 5 views

OpenUI cross-site scripting vulnerability

OpenUI is a UI program open-sourced by Weights & Biases. A cross-site scripting vulnerability exists in OpenUI, which stems from a stored cross-site scripting vulnerability in the Edit HTML function that could lead to the theft of a user's alert history and other sensitive information...

5.4 CVSS, 5.1 AI score, 0.00279 EPSS
Exploits: 0, References: 2
NVD
added 2021/07/30 2:15 p.m., 18 views

CVE-2021-35478

Nagios Log Server before 2.1.9 contains Reflected XSS in the dropdown box for the alert history and audit log function. All parameters used for filtering are affected. This affects users who open a crafted link or third-party web page...

5.4 CVSS, 0.76624 EPSS
Exploits: 2, References: 3
OSV
added 2021/07/30 2:15 p.m., 3 views

CVE-2021-35478

Nagios Log Server before 2.1.9 contains Reflected XSS in the dropdown box for the alert history and audit log function. All parameters used for filtering are affected. This affects users who open a crafted link or third-party web page...

5.4 CVSS, 5.8 AI score, 0.76624 EPSS
Exploits: 2, References: 3
NVD
added 2021/07/30 2:15 p.m., 18 views

CVE-2021-35479

Nagios Log Server before 2.1.9 contains Stored XSS in the custom column view for the alert history and audit log function through the affected pp parameter. This affects users who open a crafted link or third-party web page...

5.4 CVSS, 0.13151 EPSS
Exploits: 1, References: 3
OSV
added 2021/07/30 2:15 p.m., 4 views

CVE-2021-35479

Nagios Log Server before 2.1.9 contains Stored XSS in the custom column view for the alert history and audit log function through the affected pp parameter. This affects users who open a crafted link or third-party web page...

5.4 CVSS, 5.8 AI score, 0.76624 EPSS
Exploits: 2, References: 3
Prion
added 2021/07/30 2:15 p.m., 13 views

Cross site scripting

Nagios Log Server before 2.1.9 contains Reflected XSS in the dropdown box for the alert history and audit log function. All parameters used for filtering are affected. This affects users who open a crafted link or third-party web page...

3.5 CVSS, 5.2 AI score, 0.76624 EPSS
Exploits: 2, References: 3, Affected Software: 1
Prion
added 2021/07/30 2:15 p.m., 11 views

Cross site scripting

Nagios Log Server before 2.1.9 contains Stored XSS in the custom column view for the alert history and audit log function through the affected pp parameter. This affects users who open a crafted link or third-party web page...

3.5 CVSS, 5.2 AI score, 0.76624 EPSS
Exploits: 2, References: 3, Affected Software: 1
ATTACKERKB
added 2021/07/30 12:0 a.m., 51 views

CVE-2021-35479

Nagios Log Server before 2.1.9 contains Stored XSS in the custom column view for the alert history and audit log function through the affected pp parameter. This affects users who open a crafted link or third-party web page. Recent assessments: NinjaOperator at July 23, 2021 9:42pm UTC reported:...

3.5 CVSS, 0.7 AI score, 0.76624 EPSS
Exploits: 2, References: 4
CNNVD
added 2021/07/29 12:0 a.m., 6 views

Nagios Log Server cross-site scripting vulnerability

Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios, Inc. A cross-site scripting vulnerability exists in Nagios Log Server versions prior to 2.1.9. The vulnerability stems from Nagios Log Server including XSS in the drop-down boxes of the Aler...

5.4 CVSS, 5.4 AI score, 0.76624 EPSS
Exploits: 2, References: 4
CNNVD
added 2021/07/29 12:0 a.m., 5 views

Nagios Log Server cross-site scripting vulnerability

Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios, Inc. A cross-site scripting vulnerability exists in Nagios Log Server versions prior to 2.1.9. The vulnerability stems from Nagios Log Server including XSS in the customized column views of...

5.4 CVSS, 5.4 AI score, 0.76624 EPSS
Exploits: 2, References: 5
CVE
added 2021/07/27 11:47 a.m., 72 views

CVE-2021-35479

CVE-2021-35479 affects Nagios Log Server prior to version 2.1.9, where a Stored XSS vulnerability exists in the custom column view of the alert history and audit log via the affected pp parameter. Exploitation is described as requiring a crafted link or a third‑party webpage to trigger the vulner...

5.4 CVSS, 5.1 AI score, 0.13151 EPSS
Exploits: 1, References: 3, Affected Software: 1
CVE
added 2021/07/27 11:44 a.m., 65 views

CVE-2021-35478

CVE-2021-35478 and CVE-2021-35479 pertain to Nagios Log Server prior to 2.1.9. The CVE-2021-35478 entry describes a Reflected XSS in the dropdown for the alert history and audit log filtering parameters, exploitable when a user opens a crafted link or third‑party page. The CVE-2021-35479 entry de...

5.4 CVSS, 5.2 AI score, 0.76624 EPSS
Exploits: 2, References: 3, Affected Software: 1
Cvelist
added 2021/07/27 11:44 a.m., 28 views

CVE-2021-35478

Nagios Log Server before 2.1.9 contains Reflected XSS in the dropdown box for the alert history and audit log function. All parameters used for filtering are affected. This affects users who open a crafted link or third-party web page...

5.4 AI score, 0.76624 EPSS
Exploits: 2, References: 3
Microsoft KB
added 2020/04/09 12:0 a.m., 86 views

Update Rollup 3 for System Center 2012 R2 Operations Manager

Update Rollup 3 for System Center 2012 R2 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center 2012 R2 Operations Manager. Additionally, this article contains the installation instructions for Update Rollup 3 for System...

7.2 AI score
Exploits: 0