320 matches found
InfluxDB <1.7.6 - Authentication Bypass
InfluxDB before 1.7.6 contains an authentication bypass vulnerability via the authenticate function in services/httpd/handler.go. A JWT token may have an empty SharedSecret aka shared secret. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized...
CVE-2026-42506 affecting package influxdb for versions less than 2.7.5-17
CVE-2026-42506 affecting package influxdb for versions less than 2.7.5-17. A patched version of the package is available...
CVE-2026-42502 affecting package influxdb for versions less than 2.7.5-17
CVE-2026-42502 affecting package influxdb for versions less than 2.7.5-17. A patched version of the package is available...
CVE-2026-25681 affecting package influxdb for versions less than 2.7.5-17
CVE-2026-25681 affecting package influxdb for versions less than 2.7.5-17. A patched version of the package is available...
CVE-2026-27136 affecting package influxdb for versions less than 2.7.5-17
CVE-2026-27136 affecting package influxdb for versions less than 2.7.5-17. A patched version of the package is available...
CVE-2026-25680 affecting package influxdb for versions less than 2.7.5-17
CVE-2026-25680 affecting package influxdb for versions less than 2.7.5-17. A patched version of the package is available...
CVE-2026-39821 affecting package influxdb for versions less than 2.7.5-17
CVE-2026-39821 affecting package influxdb for versions less than 2.7.5-17. A patched version of the package is available...
Exploit for Improper Authentication in Influxdata Influxdb
LAB 5-CVE-2019-20933 I. SYSTEM ANALYSIS Identify...
CVE-2026-41602 affecting package influxdb for versions less than 2.7.5-16
CVE-2026-41602 affecting package influxdb for versions less than 2.7.5-16. A patched version of the package is available...
Security update for grafana
This update for grafana fixes the following issues: Security issues fixed: CVE-2026-21722: Public dashboards annotations: use dashboard timerange if time selection disabled bsc1258136 CVE-2026-21721: Fixed access control by the dashboard permissions API bsc1257337 CVE-2026-21720: Fixed...
CVE-2025-30204 affecting package influxdb for versions less than 2.7.5-13
CVE-2025-30204 affecting package influxdb for versions less than 2.7.5-13. A patched version of the package is available...
CVE-2025-47911 affecting package influxdb for versions less than 2.7.5-13
CVE-2025-47911 affecting package influxdb for versions less than 2.7.5-13. A patched version of the package is available...
CVE-2025-11065 affecting package influxdb for versions less than 2.7.5-13
CVE-2025-11065 affecting package influxdb for versions less than 2.7.5-13. A patched version of the package is available...
CVE-2025-58190 affecting package influxdb for versions less than 2.7.5-13
CVE-2025-58190 affecting package influxdb for versions less than 2.7.5-13. A patched version of the package is available...
CVE-2025-47911 affecting package influxdb for versions less than 2.6.1-30
CVE-2025-47911 affecting package influxdb for versions less than 2.6.1-30. A patched version of the package is available...
CVE-2025-11065 affecting package influxdb for versions less than 2.6.1-30
CVE-2025-11065 affecting package influxdb for versions less than 2.6.1-30. A patched version of the package is available...
CVE-2025-30204 affecting package influxdb for versions less than 2.6.1-30
CVE-2025-30204 affecting package influxdb for versions less than 2.6.1-30. A patched version of the package is available...
CVE-2026-25751
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an unauthenticated, remote attacker to obtain the full...
CVE-2026-25751
FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An information disclosure vulnerability in FUXA allows an unauthenticated, remote attacker to retrieve sensitive administrative database credentials. Exploitation allows an unauthenticated, remote attacker to obtain the full...
CVE-2026-25751
CVE-2026-25751 affects FUXA up to version 1.2.9 and is a information-disclosure flaw that exposes sensitive administrative credentials for InfluxDB, enabling an attacker to obtain the full system configuration and potentially authenticate to the database to read/modify/delete data or cause DoS. T...