Grafana Alerting VictorOps integration could be exposed to users with Viewer permission

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15...

Elastic X-Pack Alerting Elevation of Privilege Vulnerability

Elastic X-Pack Alerting is an extension of Elastic Stack a log analyzing system from Dutch company Elasticsearch. A security vulnerability exists in the permission schema used in Elastic X-Pack Alerting versions 5.0.0 through 5.6.0. An attacker could exploit the vulnerability to gain elevated...