[SECURITY] Fedora 35 Update: grafana-7.5.15-3.fc35

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...

[SECURITY] Fedora 36 Update: grafana-7.5.15-3.fc36

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...

Trellix Global Defenders: Defending against Cyber Espionage Campaigns – Operation Graphite

Trellix Global Defenders: Defending against Cyber Espionage Campaigns – Operation Graphite By Ben Marandel, Arnab Roy · June 20, 2022 Cyber Espionage campaigns by nature are targeted attacks that can go undetected for prolonged periods of time. Cyber Espionage campaigns often involve adversaries...

Trellix Global Defenders: Defending against Cyber Espionage Campaigns – Operation Graphite

Trellix Global Defenders: Defending against Cyber Espionage Campaigns – Operation Graphite By Ben Marandel, Arnab Roy · June 20, 2022 Cyber Espionage campaigns by nature are targeted attacks that can go undetected for prolonged periods of time. Cyber Espionage campaigns often involve adversaries...

GHSA-CH3J-W953-HFCM graphite-web is vulnerable to Remote Code Execution

Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to 1 remotestorage.py, 2 storage.py, 3 render/datalib.py, and 4 whitelist/views.py, a different vulnerability than CVE-2013-5093...

graphite-web is vulnerable to Remote Code Execution

Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to 1 remotestorage.py, 2 storage.py, 3 render/datalib.py, and 4 whitelist/views.py, a different vulnerability than CVE-2013-5093...

graphite-web is vulnerable to Remote Code Execution via renderLocalView function

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...

GHSA-M923-W2GJ-V43G graphite-web is vulnerable to Remote Code Execution via renderLocalView function

The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...

Grafana XSS Vulnerability

Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting XSS vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser.. This attack appear to be exploitable via Authenticated user must click on the input field where t...

GHSA-X5FH-FVVR-892F Grafana XSS Vulnerability

Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting XSS vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser.. This attack appear to be exploitable via Authenticated user must click on the input field where t...

Low: grafana security, bug fix, and enhancement update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. The following packages have been upgraded to a later upstream version: grafana 7.5.11. BZ1993214 Security Fixes: grafana: directory traversal vulnerability CVE-2021-43813 For more details...

Fedora: Security Advisory for grafana (FEDORA-2022-9dd03cab55)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for grafana (FEDORA-2022-83405f9d5b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: grafana-7.5.15-2.fc34

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...

Grafana Cross-Site Request Forgery Vulnerability

Grafana is an open source monitoring tool from Grafana Labs that provides a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, Prometheus, etc. A cross-site request forgery vulnerability exists in Grafana, which stems from the product's failure to...

Grafana Cross-Site Scripting Vulnerability (CNVD-2022-28802)

Grafana is a set of open source monitoring tools from Grafana Labs that provides a visual monitoring interface. The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus, etc. A cross-site scripting vulnerability exists in Grafana, which stems from the product's failure to...

Looking Over the Nation-State Actors’ Shoulders

Looking over the nation-state actors’ shoulders: Even they have a difficult day sometimes By Trellix and Marc Elias · Febraury 17, 2022 Have you ever been curious about how nation-state actors operate and what their day-to-day work looks like? This blog reveals some of these details observed base...

Looking Over the Nation-State Actors’ Shoulders

Looking over the nation-state actors’ shoulders: Even they have a difficult day sometimes By Trellix and Marc Elias · Febraury 17, 2022 Have you ever been curious about how nation-state actors operate and what their day-to-day work looks like? This blog reveals some of these details observed base...

[SECURITY] Fedora 35 Update: grafana-7.5.11-3.fc35

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...

Mageia: Security Advisory (MGASA-2017-0217)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...