Lucene search
K

377 matches found

Circl
Circl
added 2025/01/17 1:35 p.m.5 views

CVE-2024-37603

creationtimestamp| type| source ---|---|--- 2025-01-17 13:35:06+00:00| seen| https://poliverso.org/objects/0477a01e-45ff02b8-52616ac586aa8672 2025-01-20 18:30:05+00:00| seen| https://t.me/truesecator/6638 2025-02-13 23:15:53+00:00| seen|...

4.6CVSS7.1AI score0.00313EPSS
Exploits0References6
Circl
Circl
added 2025/01/14 5:17 p.m.5 views

CVE-2024-12087

creationtimestamp| type| source ---|---|--- 2025-01-14 17:17:49+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113827844477308185 2025-01-14 18:00:52+00:00| seen| https://infosec.exchange/users/cve/statuses/113828013801323601 2025-01-14 18:09:02+00:00| seen|...

7.5CVSS7.2AI score0.02224EPSS
Exploits1References20
Circl
Circl
added 2025/01/14 11:28 a.m.9 views

CVE-2025-0142

creationtimestamp| type| source ---|---|--- 2025-01-14 11:28:39+00:00| seen| https://bsky.app/profile/ripjyr.bsky.social/post/3lfp5igdsmy2m 2025-01-22 17:54:36+00:00| seen| https://infosec.exchange/users/screaminggoat/statuses/113873287621870613 2025-01-30 19:43:38+00:00| seen|...

4.3CVSS4.8AI score0.00264EPSS
Exploits0References7
Circl
Circl
added 2025/01/13 12:35 a.m.21 views

CVE-2025-0405

creationtimestamp| type| source ---|---|--- 2025-01-13 00:35:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113818242852918178 2025-01-13 01:08:57+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1345 2025-01-13 01:15:24+00:00| seen|...

8.8CVSS6.2AI score0.00625EPSS
Exploits1References5
Circl
Circl
added 2025/01/02 4:15 p.m.4 views

CVE-2024-56413

creationtimestamp| type| source ---|---|--- 2025-01-02 16:15:47+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lerhwpylog22 2025-01-02 16:52:05+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lerjxlweg32k 2025-01-02 17:36:30+00:00| seen|...

6.1CVSS6AI score0.00226EPSS
Exploits0References3
Circl
Circl
added 2024/12/27 6:35 a.m.10 views

CVE-2024-12983

creationtimestamp| type| source ---|---|--- 2024-12-27 06:35:47+00:00| seen| https://infosec.exchange/users/cve/statuses/113723398348853240 2024-12-27 07:15:30+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lebgx6rkf522 2024-12-27 09:18:00+00:00| seen|...

5.2CVSS5.7AI score0.00524EPSS
Exploits1References3
Rockylinux
Rockylinux
added 2024/09/30 2:30 p.m.6 views

libuser bug fix and enhancement update

An update is available for libuser. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libuser library implements a standardized interface for manipulating and...

7.4AI score
Exploits0
OSV
OSV
added 2024/08/23 7:19 a.m.99 views

BIT-GRAFANA-2024-6322

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...

5.4CVSS4.5AI score0.00305EPSS
Exploits0References2
OSV
OSV
added 2024/08/22 8:3 p.m.11 views

GO-2024-3079 Grafana plugin data sources vulnerable to access control bypass in github.com/grafana/grafana

Grafana plugin data sources vulnerable to access control bypass in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability...

5.4CVSS4.4AI score0.00305EPSS
Exploits0References5
OSV
OSV
added 2024/08/20 6:31 p.m.26 views

GHSA-HH8P-374F-QGR5 Grafana plugin data sources vulnerable to access control bypass

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...

5.9CVSS4.5AI score0.00305EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2024/08/20 6:31 p.m.48 views

Grafana plugin data sources vulnerable to access control bypass

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...

5.4CVSS6.9AI score0.00305EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2024/08/20 6:15 p.m.32 views

CVE-2024-6322

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...

5.4CVSS0.00305EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/08/20 6:15 p.m.13 views

CVE-2024-6322

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...

5.4CVSS5.9AI score0.00305EPSS
Exploits0References2
OSV
OSV
added 2024/08/20 6:15 p.m.3 views

UBUNTU-CVE-2024-6322

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...

5.4CVSS5.8AI score0.00305EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/08/20 5:52 p.m.8 views

CVE-2024-6322

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...

5.4CVSS7.2AI score0.00305EPSS
Exploits0References1
CVE
CVE
added 2024/08/20 5:52 p.m.434 views

CVE-2024-6322

CVE-2024-6322 is documented as a Grafana-related issue where access control for plugin data sources protected by the ReqActions field in plugin.json can be bypassed if a user or service account has query access to any other data source. The root cause is that the ReqActions check is not scoped to...

5.4CVSS7AI score0.00305EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.3 views

PT-2024-37543 · Grafana · Grafana

Name of the Vulnerable Software and Affected Versions: Grafana versions 11.1.0 through 11.1.1 Grafana versions 11.1.2 through 11.1.3 Description: Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted...

5.9CVSS6.9AI score0.00305EPSS
Exploits0References16
Wired Threat Level
Wired Threat Level
added 2024/08/10 11:0 p.m.10 views

Thousands of Corporate Secrets Were Left Exposed. This Guy Found Them All

Security researcher Bill Demirkapi found more than 15,000 hardcoded secrets and 66,000 vulnerable websites—all by searching overlooked data sources...

7.4AI score
Exploits0
ICS
ICS
added 2024/07/11 12:0 p.m.56 views

CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

EXECUTIVE SUMMARY In early 2023, the Cybersecurity and Infrastructure Security Agency CISA conducted a SILENTSHIELD red team assessment against a Federal Civilian Executive Branch FCEB organization. During SILENTSHIELD assessments, the red team first performs a no-notice, long-term simulation of...

9.8CVSS9.9AI score0.98342EPSS
Exploits7References106
Veeam
Veeam
added 2024/07/08 12:0 a.m.46 views

How to Install Grafana with K10 Dashboard and Data Sources Pre-provisioned

Purpose Starting in Veeam Kasten for Kubernetes v7.5.0, Grafana will no longer be included by default. This in-depth technical guide will demonstrate the process of installing Grafana on Kubernetes and populating it with Kasten Data. It will allow you to quickly access pre-provisioned Kasten...

7.1AI score
Exploits0Affected Software1
Rows per page
Query Builder