CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/06/05 12:0 a.m.•11 views

FreeBSD : electron{34,35,36} -- Out of bounds read and write in V8 (8c94ae2a-06f5-4383-9a7f-1211cb0dd476)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8c94ae2a-06f5-4383-9a7f-1211cb0dd476 advisory. Electron developers report: This update fixes the following vulnerability: Tenable has extracted the...

8.8CVSS8.3AI score0.06463EPSS

Exploits3References3

Tenable Nessus•added 2025/06/05 12:0 a.m.•6 views

RHEL 10 : git (RHSA-2025:7482)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7482 advisory. Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-serv...

8.8CVSS7.8AI score0.00473EPSS

Exploits1References5

Grafana 11.3.x < 11.3.6 Cross-site Scripting

According to its self-reported version, the Grafana install hosted on the remote host is earlier than 10.4.18, or 11.2.x earlier than 11.2.9, or 11.3.x earlier than 11.3.6, or 11.4.x earlier than 11.4.4, or 11.5.x earlier than 11.5.4, or 11.6.x earlier than 11.6.1. It is, therefore, affected by a...

Grafana 11.2.x < 11.2.10 Improper Access Control

According to its self-reported version, the Grafana install hosted on the remote host is earlier than 10.4.19, or 11.2.x earlier than 11.2.10, or 11.3.x earlier than 11.3.7, or 11.4.x earlier than 11.4.5, or 11.5.x earlier than 11.5.5, or 11.6.x earlier than 11.6.2, or 12.0.x earlier than 12.0.1...

Grafana 11.2.x < 11.2.9 Cross-site Scripting

Tenable Nessus•added 2025/06/04 12:0 a.m.•7 views

Grafana < 10.4.19 Improper Access Control

Grafana 11.6.x < 11.6.1 Cross-site Scripting

Grafana 11.6.x < 11.6.2 Improper Access Control

Grafana 11.3.x < 11.3.7 Improper Access Control

Tenable Nessus•added 2025/06/04 12:0 a.m.•2 views

Grafana 11.5.x < 11.5.5 Improper Access Control

Grafana 11.5.x < 11.5.4 Cross-site Scripting

Langflow Chatbot Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible Langflow chatbot on the target application. Langflow is an open-source visual framework for building multi-agent and RAG. This detection is included in the AI and LLM category. No source data...

7.2AI score

Tenable Nessus•added 2025/06/04 12:0 a.m.•1 views

Grafana < 11.0.11 Exposure Of Sensitive Information To An Unauthorized Actor

According to its self-reported version, the Grafana install hosted on the remote host is earlier than 10.4.15, or earlier than 11.0.11, or earlier than 11.1.11, or earlier than 11.2.6, or earlier than 11.3.3, or earlier than 11.4.1. It is, therefore, affected by a exposure of sensitive informatio...

4.3CVSS7AI score0.0035EPSS

Tenable Nessus•added 2025/06/04 12:0 a.m.•1 views

Grafana 8.5.x < 9.5.7 Improper Privilege Management

According to its self-reported version, the Grafana install hosted on the remote host is 8.5.x earlier than 9.5.7, or 10.0.x earlier than 10.0.12, or 10.1.x earlier than 10.1.8, or 10.2.x earlier than 10.2.5, or 10.3.x earlier than 10.3.4. It is, therefore, affected by a improper privilege...

8.8CVSS7.5AI score0.00802EPSS

Tenable Nessus•added 2025/06/04 12:0 a.m.•2 views

Grafana 10.3.x < 10.3.3 Incorrect Authorization

According to its self-reported version, the Grafana install hosted on the remote host is 9.5.x earlier than 9.5.16, or 10.0.x earlier than 10.0.11, or 10.1.x earlier than 10.1.7, or 10.2.x earlier than 10.2.4, or 10.3.x earlier than 10.3.3. It is, therefore, affected by a incorrect authorization...

5.4CVSS7.4AI score0.01385EPSS

Exploits1References2

Tenable Nessus•added 2025/06/04 12:0 a.m.•1 views

Grafana 10.2.x < 10.2.6 Authorization Bypass Through User-controlled Key

According to its self-reported version, the Grafana install hosted on the remote host is 9.5.x earlier than 9.5.18, or 10.0.x earlier than 10.0.13, or 10.1.x earlier than 10.1.9, or 10.2.x earlier than 10.2.6, or 10.3.x earlier than 10.3.5. It is, therefore, affected by a authorization bypass...

6.5CVSS7.4AI score0.00646EPSS

Azure Bot Framework Chatbot Detected

This is an informational plugin to inform the user that the scanner has detected a publicly accessible Azure Bot Framework chatbot on the target application. Azure Bot Framework is a solution to build & deploy AI customer experiences. This detection is included in the AI and LLM category. No sour...

7.2AI score