Lucene search
+L

94 matches found

CNNVD
CNNVD
added 2022/08/31 12:0 a.m.6 views

Grafana 访问控制错误漏洞

Grafana is Grafana open source set of open source monitoring tools that provide a visual monitoring interface . The tool is mainly used to monitor and analyze Graphite, InfluxDB and Prometheus. An access control error vulnerability exists in Grafana Plugin Image Renderer, which can be exploited b...

8.3CVSS9AI score0.00903EPSS
Exploits0References5
Grafana
Grafana
added 2022/08/30 12:0 a.m.10 views

Grafana Image Renderer leaking files

Grafana Image Renderer is a Grafana backend plugin that handles rendering of panels & dashboards to PNGs using a headless browser Chromium/Chrome. An internal security review identified an unauthorized file disclosure vulnerability. It is possible for a malicious user to retrieve unauthorized fil...

8.3CVSS7.2AI score0.00903EPSS
Exploits0
FreeBSD
FreeBSD
added 2022/07/21 12:0 a.m.38 views

Grafana -- Unauthorized file disclosure

Grafana Labs reports: On July 21, an internal security review identified an unauthorized file disclosure vulnerability in the Grafana Image Renderer plugin when HTTP remote rendering is used. The Chromium browser embedded in the Grafana Image Renderer allows for “printing” of unauthorized files i...

8.3CVSS1.1AI score0.00903EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.43 views

openSUSE Security Update : grafana / grafana-piechart-panel / grafana-status-panel (openSUSE-2020-892)

This update for grafana, grafana-piechart-panel, grafana-status-panel fixes the following issues : grafana was updated to version 7.0.3 : - Features / Enhancements - Stats: include all fields. 24829, @ryantxu - Variables: change VariableEditorList row action Icon to IconButton. 25217, @hshoff - B...

8.2CVSS6.3AI score0.99856EPSS
Exploits6References4
Hacker One
Hacker One
added 2020/03/05 5:55 a.m.32 views

PlayStation: SSRF on image renderer

Summary: image.api.np.km.playstation.net allows image urls to be passed via the image parameter It is possible to use this endpoint to send Gopher requests that result in SMTP messages being sent Steps To Reproduce: 1. Create a Gopher redirect PHP file to save to your server ', 'RCPT TO: ', 'DATA...

Exploits0
NVD
NVD
added 2018/06/11 9:29 p.m.14 views

CVE-2017-7786

A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

9.8CVSS9.3AI score0.04187EPSS
Exploits1References11
OSV
OSV
added 2018/06/11 9:29 p.m.7 views

CVE-2017-7786

A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

9.8CVSS8.3AI score
Exploits0References11
OSV
OSV
added 2018/06/11 9:29 p.m.5 views

DEBIAN-CVE-2017-7786

A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

9.8CVSS8.4AI score0.04187EPSS
Exploits1References1
CVE
CVE
added 2018/06/11 9:0 p.m.182 views

CVE-2017-7786

A buffer overflow in the image renderer can be triggered when painting non-displayable SVG elements, causing a crash and, in some advisories, potential arbitrary-code execution. Affected products include Mozilla Thunderbird and Firefox/Firefox ESR prior to certain versions (Thunderbird < 52.3,...

9.8CVSS8.3AI score0.04187EPSS
Exploits1References11Affected Software1
Cvelist
Cvelist
added 2018/06/11 9:0 p.m.28 views

CVE-2017-7786

A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

8.5AI score0.04187EPSS
Exploits1References11
OSV
OSV
added 2018/04/24 7:29 p.m.3 views

ALPINE-CVE-2017-14448

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...

8.8CVSS8.2AI score0.02395EPSS
Exploits0References1
OSV
OSV
added 2018/04/10 9:29 p.m.4 views

UBUNTU-CVE-2018-3838

An exploitable information vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2image-2.0.2. A specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. An attacker can display a specially crafted image t...

6.5CVSS6.8AI score0.01824EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2017/08/10 11:20 p.m.9 views

Mozilla: Buffer overflow while painting non-displayable SVG (MFSA 2017-19)

A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

9.8CVSS7.5AI score0.04187EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2017/08/09 1:51 a.m.29 views

CVE-2017-7786

A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...

9.8CVSS3.4AI score0.04187EPSS
Exploits1References2
Rows per page
Query Builder