Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

892 matches found

Positive Technologies
Positive Technologiesadded 2022/12/24 12:0 a.m.3 views

PT-2022-28042 · Unknown +2 · Graphite Web +2

Name of the Vulnerable Software and Affected Versions: Graphite Web affected versions not specified Description: A problem has been found in Graphite Web that affects unknown code of the Cookie Handler component. This issue leads to cross-site scripting and can be initiated remotely. The exploit...

7.5CVSS5.4AI score0.91616EPSS
Exploits4References34
CVE
CVEadded 2022/12/24 12:0 a.m.237 views

CVE-2022-4730

Graphite-Web contains multiple cross-site scripting vulnerabilities in components including the Absolute Time Range Handler. CVE-2022-4730 (along with CVE-2022-4728 and CVE-2022-4729) affect graphite-web and could be exploited remotely. Debian reports these issues and provides a security update: ...

5.4CVSS4.6AI score0.00418EPSS
Exploits1References4Affected Software1
vulnersOsv
vulnersOsvadded 2022/11/22 9:30 p.m.4 views

io.quarkiverse.cxf:quarkus-cxf-deployment (=1.6.0), io.quarkiverse.cxf:quarkus-cxf-rt-features-logging-deployment (=1.6.0) +95 more potentially affected by CVE-2022-4116 via io.quarkus:quarkus-vertx-http-deployment (>=2.14.0.CR1 <=2.14.1.Final)

io.quarkus:quarkus-vertx-http-deployment MAVEN version =2.14.0.CR1, =2.14.1.Final is affected by a known vulnerability. The following packages have a transitive dependency on io.quarkus:quarkus-vertx-http-deployment and may be impacted: - io.quarkiverse.cxf:quarkus-cxf-deployment =1.6.0 -...

9.8CVSS7.3AI score0.029EPSS
Exploits0
Positive Technologies
Positive Technologiesadded 2022/10/05 12:0 a.m.3 views

PT-2022-6684 · Ashlar Vellum · Ashlar-Vellum Graphite

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Graphite affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this issue, where th...

8.8CVSS7.2AI score0.01581EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2022/10/05 12:0 a.m.3 views

PT-2022-6687 · Ashlar Vellum · Ashlar-Vellum Graphite

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Graphite affected versions not specified Description: The issue is related to an out-of-bounds write when parsing VC6 files, which can be exploited to execute arbitrary code. This can be achieved by remote attackers if the targe...

8.8CVSS7.7AI score0.02056EPSS
Exploits0References6
Positive Technologies
Positive Technologiesadded 2022/10/05 12:0 a.m.3 views

PT-2022-6686 · Ashlar Vellum · Ashlar-Vellum Graphite

Name of the Vulnerable Software and Affected Versions: Ashlar-Vellum Graphite affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Graphite. User interaction is required to exploit this issue, where th...

8.8CVSS7.3AI score0.015EPSS
Exploits0References5
HackRead
HackReadadded 2022/09/29 3:0 p.m.9 views

Fancy Bear Hackers Distributing Graphite Malware using PowerPoint Files

By Deeba Ahmed APT28 or Fancy Bear is linked with the Russian military intelligence unit called GRU. This is a post from HackRead.com Read the original post: Fancy Bear Hackers Distributing Graphite Malware using PowerPoint Files...

4.2AI score
Exploits0
Malwarebytes
Malwarebytesadded 2022/09/28 9:15 p.m.22 views

APT28 attack uses old PowerPoint trick to download malware

Researchers at Cluster25 have published research about exploit code that's triggered when a user moves their mouse over a link in a booby-trapped PowerPoint presentation. The code starts a PowerShell script that downloads and executes a dropper for Graphite malware. Graphite is named after...

1.8AI score
Exploits0
The Hacker News
The Hacker Newsadded 2022/09/28 10:9 a.m.289 views

Hackers Using PowerPoint Mouseover Trick to Infect Systems with Malware

The Russian state-sponsored threat actor known as APT28 has been found leveraging a new code execution method that makes use of mouse movement in decoy Microsoft PowerPoint documents to deploy malware. The technique "is designed to be triggered when the user starts the presentation mode and moves...

8.8CVSS2.1AI score0.94332EPSS
Exploits38
Fedora
Fedoraadded 2022/09/27 12:16 a.m.28 views

[SECURITY] Fedora 37 Update: grafana-9.0.9-1.fc37

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...

6.6CVSS6.8AI score0.00881EPSS
Exploits0
CNNVD
CNNVDadded 2022/09/20 12:0 a.m.2 views

Grafana 安全漏洞

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. Grafana has a security vulnerability. No information about this vulnerability is...

7.6CVSS7AI score0.00154EPSS
Exploits0References6
OpenVAS
OpenVASadded 2022/08/01 12:0 a.m.7 views

Fedora: Security Advisory for grafana (FEDORA-2022-5038c3236c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References2
Fedora
Fedoraadded 2022/07/31 1:37 a.m.15 views

[SECURITY] Fedora 36 Update: grafana-7.5.15-4.fc36

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...

7.4AI score
Exploits0
RedHat Linux
RedHat Linuxadded 2022/07/26 3:54 p.m.39 views

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS7.2AI score0.00941EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2022/07/26 3:1 p.m.36 views

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS7.2AI score0.00941EPSS
Exploits0References2
OSV
OSVadded 2022/07/26 1:52 p.m.24 views

RLSA-2022:5716 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: OAuth account takeover CVE-2022-31107 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.1CVSS7.4AI score0.00941EPSS
Exploits0References2
OSV
OSVadded 2022/07/26 12:0 a.m.30 views

ALSA-2022:5716 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: OAuth account takeover CVE-2022-31107 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS7.3AI score0.00941EPSS
Exploits0References4
AlmaLinux
AlmaLinuxadded 2022/07/26 12:0 a.m.25 views

Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: OAuth account takeover CVE-2022-31107 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS7.7AI score0.00941EPSS
Exploits0References4
Fedora
Fedoraadded 2022/07/20 1:40 a.m.16 views

[SECURITY] Fedora 35 Update: grafana-7.5.15-3.fc35

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...

7.4AI score
Exploits0
Fedora
Fedoraadded 2022/07/13 2:0 a.m.19 views

[SECURITY] Fedora 36 Update: grafana-7.5.15-3.fc36

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...

9.3CVSS9AI score0.00963EPSS
Exploits4
Rows per page
Query Builder