Grafana 安全漏洞

Grafana is a set of open source monitoring tools from Grafana open source that provides a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A security vulnerability exists in Grafana that stems from the fact that if a...

CVE-2024-6782

creationtimestamp| type| source ---|---|--- 2024-08-06 07:28:44+00:00| seen| https://t.me/cvedetector/2527 2024-08-06 15:34:46+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8184 2024-08-07 07:34:24+00:00| seen| https://t.me/proxybar/2214 2024-08-07 17:42:22+00:00| seen|...

Dify Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible Dify instance on the target application. Dify is an open-source LLM app development platform. This detection is included in the AI and LLM category. No source data...

VulnCheck KEV: CVE-2019-15637

Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop...

The vulnerability of the MySQL Data Source Handler component of the Apache Linkis application connection, management, and orchestration software allows a attacker to execute arbitrary code.

The vulnerability of the MySQL Data Source Handler component of the Apache Linkis connection management and orchestration software lies in defects in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing specially crafted...

Grafana plugins route actions are not scoped to instance

Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...

The vulnerability of the DataSource Manager module of the Apache Linkis application connection, management, and orchestration software allows a attacker to execute arbitrary code.

The vulnerability of the DataSourceManager module in the Apache Linkis application connection, management, and orchestration software is related to the lack of effective parameter filtering. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting JNDI...

H2O Flow Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible H2O Flow instance on the target application. H2O Flow is an open-source user interface for H2O, an open-source, distributed and scalable machine learning and predictive analytics platform. This...

Apache Linkis Code Issue Vulnerability

Apache Linkis is a middleware product of the U.S. Apache Apache Foundation, which can establish an effective connection between upper-tier applications and the underlying data engine. Apache Linkis 1.6.0 before the version of the code problem vulnerability, the vulnerability stems from the data...

Apache Linkis DataSource remote code execution vulnerability

In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...

CVE-2023-46801

In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...

CVE-2023-46801

In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...

CVE-2023-46801 Apache Linkis DataSource: DataSource Remote code execution vulnerability

In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...

CVE-2023-46801

Apache Linkis vulnerable to remote code execution in the DataSource MySQL handler for versions = 1.8.0_241 and/or upgrade Linkis to version 1.6.0. If upgrading is not immediately possible, validate and restrict JRMP usage and account privileges to reduce exposure. If exploitation details are not ...

Apache Linkis 代码问题漏洞

Apache Linkis is a middleware product of the U.S. Apache Apache Foundation, which can establish an effective connection between upper-tier applications and the underlying data engine. Apache Linkis 1.6.0 before the version of the code problem vulnerability , the vulnerability stems from the lack ...

Apache Linkis Security Vulnerability

Apache Linkis is a middleware product from the Apache Foundation that establishes an effective connection between upper-tier applications and the underlying data engine. A security vulnerability exists in Apache Linkis versions prior to 1.6.0, which stems from a lack of effective parameter...

Apache Linkis 代码问题漏洞

Apache Linkis is a middleware product of the U.S. Apache Apache Foundation, which can establish an effective connection between upper-tier applications and the underlying data engine. Apache Linkis 1.6.0 before the version of the code problem vulnerability, the vulnerability stems from the data...

PT-2024-5100 · Apache · Apache Linkis

Name of the Vulnerable Software and Affected Versions: Apache Linkis versions = 1.8.0 241. For Apache Linkis versions = 1.5.0, upgrade Linkis to version 1.6.0...

CVE-2024-6411

creationtimestamp| type| source ---|---|--- 2024-07-10 07:33:44+00:00| seen| https://t.me/cvedetector/507 2025-02-14 09:47:00+00:00| seen| Telegram/3nm-cCgCoeyH8a1WpJsfQVll0GJIaQ8Tul9DcmLIt0qLGT...

CVE-2024-25053

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, and 12.0.2 is vulnerable to improper certificate validation when using the IBM Planning Analytics Data Source Connection. This could allow an attacker to spoof a trusted entity by interfering in the communication path...