233 matches found
EUVD-2025-21759
Malicious code in bioql PyPI...
EUVD-2025-0215
Malicious code in bioql PyPI...
EUVD-2022-28647
Malicious code in bioql PyPI...
EUVD-2024-36555
Malicious code in bioql PyPI...
nettoolbox
NetToolbox - Network Security Toolkit A comprehensive, modern...
Linux Distros Unpatched Vulnerability : CVE-2022-31097
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable...
Linux Distros Unpatched Vulnerability : CVE-2024-11741
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed ...
VulnCheck KEV: CVE-2025-3415
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
CVE-2025-3415
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
Grafana Alerting DingDing Integration URL Exposed to Viewers
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
SUSE CVE-2025-3415
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
CVE-2025-3415
A flaw exists in Grafana Alerting, where the DingDing contact-point integration URL can be revealed in plain text to users with viewer-level permissions due to misconfigured access control. This disclosure permits unauthorized users to view sensitive webhook URLs, including API tokens or keys,...
FreeBSD : Grafana -- DingDing contact points exposed in Grafana Alerting (6548cb01-4c33-11f0-8a97-6c3be5272acd)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 6548cb01-4c33-11f0-8a97-6c3be5272acd advisory. Grafana Labs reports: An incident occurred where the DingDing alerting integration URL was inadvertentl...
PT-2025-25459
Name of the Vulnerable Software and Affected Versions Grafana affected versions not specified Description A medium-severity flaw in Grafana Alerting exposes sensitive DingDing contact point URLs to viewers. This issue may lead to data exposure. Recommendations Update to a patched version to resol...
Grafana -- DingDing contact points exposed in Grafana Alerting
Grafana Labs reports: An incident occurred where the DingDing alerting integration URL was inadvertently exposed to viewers due to a setting oversight, which we learned about through a bug bounty report. The CVSS 3.0 score for this vulnerability is 4.3 Medium...
Kibana 8.15.x < 8.15.1 Multiples Vulnerabilities
According to its self-reported version number, the Kibana application running on the remote host is 8.15.x prior to 8.15.1. It is, therefore, affected by Multiples Vulnerabilities. - A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML docume...
The vulnerability of the software platform for integrating Grafana Alerting VictorOps, related to information disclosure, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Grafana Alerting VictorOps software platform relates to the disclosure of information. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
OESA-2025-1188 grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB OpenTSDB. Security Fixes: Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch prior to 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored...
Security update for grafana
This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: Security issues fixed: CVE-2024-45339: Fixed vulnerability when creating log files bsc1236559 CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration bsc1236734 CVE-2025-21613: Remove...
SUSE-SU-2025:0623-1 Security update for grafana
This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: - Security issues fixed: CVE-2024-45339: Fixed vulnerability when creating log files bsc1236559 CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration bsc1236734 CVE-2025-21613:...