6 matches found
CVE-2026-8609 Pre-authentication denial of service via the OAuth login route
An unauthenticated attacker can repeatedly call Grafana's OAuth login route with unique values, causing unbounded memory growth that can eventually exhaust memory and crash the Grafana instance denial of service...
MiracleLinux 8 : grafana-7.5.15-4.el8.ML.1 (AXSA:2023-6073:05)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6073:05 advisory. golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters CVE-2022-2880 golang: net/http: handle server errors after...
CVE-2022-23126
TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...
EUVD-2022-28217
Malicious code in bioql PyPI...
Open redirect
TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...
TeslaMate 授权问题漏洞
TeslaMate is an open source project, a self-hosted data logger for Tesla. versions prior to TeslaMate 1.25.1 contain an elevation of privilege vulnerability that stems from Tesla's use of the default Docker configuration, which allows an attacker to use Grafana login access to obtain a token for...