16 matches found
CVE-2024-9264 vulnerabilities
Vulnerabilities for packages: grafana...
Exploit for Code Injection in Grafana
CVE-2024-9264 Authenticated RCE in Grafana v11.0 via SQL Exp...
Exploit for Code Injection in Grafana
CVE-2024-92...
SUSE SLES15 / openSUSE 15 Security Update : grafana (SUSE-SU-2025:01991-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:01991-1 advisory. grafana was updated from version 10.4.15 to 11.5.5 jscPED-12918: - Security issues fixed: CVE-2025-4123: Fix cross-site scriptin...
Security update for grafana
This update for grafana fixes the following issues: grafana was updated from version 10.4.15 to 11.5.5 jscPED-12918: Security issues fixed: CVE-2025-4123: Fix cross-site scripting vulnerability bsc1243714. CVE-2025-22872: Bump golang.org/x/net/html bsc1241809 CVE-2025-3580: Prevent unauthorized...
Exploit for Code Injection in Grafana
🛠️ CVE-2024-9264 - Fixed Grafana RCE Exploit This is a fixe...
Exploit for Code Injection in Grafana
🚨 CVE-2024-9264 - Grafana SQL injection leading to Remote Code...
Grafana Labs SQL expressions allowing for RCE (CVE-2024-9264)
The version of Grafana Labs installed on the remote host is affected by a vulnerability as referenced in the CVE-2024-9264 advisory. - The SQL Expressions experimental feature of Grafana allows for the evaluation of 'duckdb' queries containing user input. These queries are insufficiently sanitize...
openSUSE Security Advisory (SUSE-SU-2024:3911-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
grafana-11.3.0-1.1 on GA media (moderate)
grafana-11.3.0-1.1 on GA media Announcement ID: openSUSE-SU-2024:14431-1 Rating: moderate Cross-References: CVE-2024-8118 CVE-2024-9264 CVSS scores: CVE-2024-8118 SUSE : 4.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L CVE-2024-9264 SUSE : 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H...
Palo Alto Expedition < 1.2.96 Multiple Vulnerabilties
Palo Alto Expedition versions before 1.2.96 suffer from multiple vulnerabilities: - An unauthenticated OS command Injection vulnerability through the /API/convertCSVtoParquet.php endpoint CVE-2024-9264 - An authenticated OS command injection vulnerability CVE-2024-9464 - An unauthenticated SQL...
Exploit for Code Injection in Grafana
File-Read-CVE-2024-9264 Proof Of Concept for File Read in Graf...
Exploit for Code Injection in Grafana
CVE-2024-9264 Grafana Post-Auth DuckDB SQL Injection RCE...
CVE-2024-9264 vulnerabilities
Vulnerabilities for packages: grafana-fips, grafana...
CVE-2024-9264
The SQL Expressions experimental feature of Grafana allows for the evaluation of duckdb queries containing user input. These queries are insufficiently sanitized before being passed to duckdb, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or highe...
CVE-2024-9264
creationtimestamp| type| source ---|---|--- 2024-10-17 15:49:14+00:00| exploited| https://github.com/nollium/CVE-2024-9264 2024-10-18 06:52:30+00:00| seen| https://t.me/cvedetector/8272 2024-10-18 12:29:00+00:00| seen| None 2024-10-19 16:44:06+00:00| published-proof-of-concept|...