892 matches found
CVE-2013-5942
Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to 1 remotestorage.py, 2 storage.py, 3 render/datalib.py, and 4 whitelist/views.py, a different vulnerability than CVE-2013-5093...
CVE-2013-5943
Multiple cross-site scripting XSS vulnerabilities in Graphite before 0.9.11 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-5093
The renderLocalView function in render/views.py in graphite-web in Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object...
CVE-2013-5093
Graphite Web (graphite-web) versions 0.9.5–0.9.10 are affected by an unsafe use of pickle in renderLocalView (render/views.py) that enables remote code execution via a crafted serialized object. Connected advisories corroborate a remote code execution vulnerability in graphite-web involving the p...
CVE-2013-5942
Graphite 0.9.5 through 0.9.10 uses the pickle Python module unsafely, which allows remote attackers to execute arbitrary code via a crafted serialized object, related to 1 remotestorage.py, 2 storage.py, 3 render/datalib.py, and 4 whitelist/views.py, a different vulnerability than CVE-2013-5093...
Fedora Update for graphite-web FEDORA-2013-15710
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for graphite-web FEDORA-2013-15710
Check for the Version of graphite-web OpenVAS Vulnerability Test Fedora Update for graphite-web FEDORA-2013-15710 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora Update for graphite-web FEDORA-2013-15713
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for graphite-web FEDORA-2013-15713
Check for the Version of graphite-web OpenVAS Vulnerability Test Fedora Update for graphite-web FEDORA-2013-15713 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
Fedora 19 : graphite-web-0.9.12-1.fc19 (2013-15710)
This is both an update to 0.9.12 and to address CVE-2013-5093. Correctly pull in fonts. Initial package import. Initial package import. Initial package import. Initial package import. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora securit...
Fedora 18 : graphite-web-0.9.12-1.fc18 (2013-15713)
This is both an update to 0.9.12 and to address CVE-2013-5093. Correctly pull in fonts. Initial package import. Initial package import. Initial package import. Initial package import. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora securit...
[SECURITY] Fedora 18 Update: graphite-web-0.9.12-1.fc18
Graphite consists of a storage backend and a web-based visualization fronte nd. Client applications send streams of numeric time-series data to the Graphite backend called carbon, where it gets stored in fixed-size database files similar in design to RRD. The web frontend provides user interfaces...
[SECURITY] Fedora 19 Update: graphite-web-0.9.12-1.fc19
Graphite consists of a storage backend and a web-based visualization fronte nd. Client applications send streams of numeric time-series data to the Graphite backend called carbon, where it gets stored in fixed-size database files similar in design to RRD. The web frontend provides user interfaces...
Graphite RCE Vulnerability
Graphite is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Graphite Web Unsafe Pickle Handling Exploit
This Metasploit module exploits a remote code execution vulnerability in the pickle handling of the rendering code in the Graphite Web project between version 0.9.5 and 0.9.10 both included. This file is part of the Metasploit Framework and may be subject to redistribution and commercial...
Graphite Web Unsafe Pickle Handling
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Graphite Web Unsafe Pickle Handling',...
py-graphite-web -- Multiple vulnerabilities
Graphite developers report: This release contains several security fixes for cross-site scripting XSS as well as a fix for a remote-execution exploit in graphite-web CVE-2013-5903...
Graphite Web - Unsafe Pickle Handling (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Graphite Web Unsafe Pickle Handling',...
Graphite Web Unsafe Pickle Handling
This module exploits a remote code execution vulnerability in the pickle handling of the rendering code in the Graphite Web project between version 0.9.5 and 0.9.10 both included. This module requires Metasploit: https://metasploit.com/download Current source:...
openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2012:1064-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...