Lucene search
+L

5 matches found

Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.64 views

AlmaLinux 8 : grafana (ALSA-2020:4682)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4682 advisory. - Grafana 5.3.1 has XSS via a column style on the Dashboard Table Panel screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099...

6.5CVSS6.4AI score0.09619EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.48 views

CentOS 8 : grafana (CESA-2020:4682)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4682 advisory. - grafana: XSS vulnerability via a column style on the Dashboard Table Panel screen CVE-2018-18624 - grafana: arbitrary file read via MySQL data source...

6.5CVSS6.5AI score0.09619EPSS
Exploits3References9
RedHat Linux
RedHat Linux
added 2020/11/04 1:31 a.m.57 views

Moderate: Red Hat Security Advisory: grafana security, bug fix, and enhancement update

An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

6.5CVSS6.6AI score0.09619EPSS
Exploits3References11
RedHat Linux
RedHat Linux
added 2020/10/27 4:22 p.m.125 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.6.1 image security update

An update is now available for Red Hat OpenShift Container Platform 4.6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

7.7CVSS7.8AI score0.99019EPSS
Exploits30References22
CVE
CVE
added 2020/07/27 12:48 p.m.278 views

CVE-2020-11110

Affected product: Grafana up to version 6.7.1. Issue: unauthenticated stored XSS in the originalUrl field that enables execution of injected JavaScript after opening the Original Dashboard from a snapshot. Impact: potential browser context compromise and arbitrary script execution on victim’s sid...

5.4CVSS5.4AI score0.09619EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder