374 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-15635
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Grafana 5.4.0. Passwords for data sources used by Grafana (e.g., MySQL) are not encrypted. An admin user can reveal passwords for any...
Linux Distros Unpatched Vulnerability : CVE-2023-39516
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2020-7106
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti 1.2.8 has stored XSS in datasources.php, colortemplatesitem.php, graphs.php, graphitems.php, lib/apiautomation.php, useradmin.php, and usergroupadmin.php,...
Linux Distros Unpatched Vulnerability : CVE-2023-39512
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2023-39366
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2023-39514
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability...
Linux Distros Unpatched Vulnerability : CVE-2023-39515
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability...
Stablecoins: Fundamentals, Emerging Issues, and Open Challenges
Stablecoins, with a capitalization exceeding 200 billion USD as of January 2025, have shown significant growth, with annual transaction volumes exceeding 10 trillion dollars in 2023 and nearly doubling that figure in 2024. This exceptional success has attracted the attention of traditional...
BIT-APPSMITH-2024-55965
An issue was discovered in Appsmith before 1.51. Users invited as "App Viewer" incorrectly have access to development information of a workspace (specifically, a list of datasources in a workspace they're a member of). This information disclosure does not expose sensitive data in the datasources,...
CVE-2025-32918
creationtimestamp | type | source
---|---|---
2025-07-04 08:44:34+00:00 | seen | https://bsky.app/profile/potato.software/post/3lt4u2hbqlj2v
2025-07-04 09:15:26+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lt4vrn2w4b2s
...
The vulnerability of the CORS mechanism in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the CORS mechanism in Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the lack of verification of the reliability of data sources or messages. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
CVE-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
CVE-2022-3780
Database connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below, which allows deleted users to access unauthorized data. This issue affects: Remote Desktop Manager 2022.3.7 and prior versions...
I checked out the European vulnerability database, EUVD, which was officially launched yesterday
I checked out the European vulnerability database, EUVD, which was officially launched yesterday. Its usefulness is questionable for now. 🤷‍♂️...
CVE-2025-30328
creationtimestamp | type | source
---|---|---
2025-05-13 18:11:23+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp32x4gwj3r2
2025-05-13 18:30:57+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/16188
2025-05-13 20:48:11+00:00 | seen | ...
CVE-2025-3454
This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily...
CVE-2025-3802
creationtimestamp | type | source
---|---|---
2025-04-19 14:59:55+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/12583
2025-04-19 16:09:35+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ln6ji7xfih2v
2025-04-19 16:28:54+00:00 | seen | ...
CVE-2025-39569
creationtimestamp | type | source
---|---|---
2025-04-17 16:48:53+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114354325535934214
2025-04-17 18:24:22+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lmzq3cov3l2d
2025-04-17 20:30:36+00:00 | seen | ...
Server-side Request Forgery (SSRF)
Overview: Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via Service Call functionality. A user with sufficient privileges to create Kyverno policies can expose all data from a Kubernetes cluster using a malicious Kyverno policy that makes external service cal...