Lucene search
K

31 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.8 views

TencentOS Server 3: grafana (TSSA-2022:0144)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0144 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.5CVSS7.8AI score0.02039EPSS
Exploits0References2
OSV
OSV
added 2024/05/14 10:22 p.m.29 views

GHSA-MX47-6497-3FV2 Grafana account takeover via OAuth vulnerability

Today we are releasing Grafana 8.3.10, 8.4.10, 8.5.9 and 9.0.3. This patch release includes a HIGH severity security fix for an Oauth takeover vulnerability in Grafana. Release v.9.0.3, containing this security fix and other patches: - Download Grafana 9.0.3 - Release notes Release v.8.5.9,...

7.6CVSS8.1AI score0.02039EPSS
Exploits0References7
Github Security Blog
Github Security Blog
added 2024/05/14 10:22 p.m.45 views

Grafana account takeover via OAuth vulnerability

Today we are releasing Grafana 8.3.10, 8.4.10, 8.5.9 and 9.0.3. This patch release includes a HIGH severity security fix for an Oauth takeover vulnerability in Grafana. Release v.9.0.3, containing this security fix and other patches: - Download Grafana 9.0.3 - Release notes Release v.8.5.9,...

7.5CVSS8AI score0.02039EPSS
Exploits0References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.23 views

Rocky Linux 8 : grafana (RLSA-2022:5717)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5717 advisory. - Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious use...

7.5CVSS7.8AI score0.02039EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/01 7:48 p.m.29 views

Security Bulletin: IBM Storage Ceph is vulnerable to an incorrect authorization vulnerablity in Grafana.

Summary Grafana is used by IBM Storage Ceph as part of the dashboard to monitor the stats for each cluster. CVE-2022-31107. Vulnerability Details CVEID: CVE-2022-31107 DESCRIPTION: Grafana could allow a remote authenticated attacker to bypass security restrictions, caused by an OAuth vulnerabilit...

7.5CVSS6.1AI score0.02039EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2023/06/22 12:0 a.m.30 views

SUSE: Security Advisory (SUSE-SU-2023:2578-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.68603EPSS
Exploits9References19
OSV
OSV
added 2023/06/21 11:49 a.m.9 views

SUSE-SU-2023:2578-1 Security update for SUSE Manager Client Tools

This update fixes the following issues: bind: - Provide bind dependencies and solve installation issues on SUSE Linux Enterprise Micro - There are no source changes dracut-saltboot: - Update to version 0.1.1681904360.84ef141 Load network configuration even when missing protocol version bsc1210640...

9.8CVSS7.8AI score0.68603EPSS
Exploits9References32
RedHat Linux
RedHat Linux
added 2023/06/15 3:59 p.m.68 views

Important: Red Hat Security Advisory: Red Hat Ceph Storage 6.1 Container security and bug fix update

A new container image for Red Hat Ceph Storage 6.1 is now available in the Red Hat Ecosystem Catalog. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availabl...

9.8CVSS7AI score0.68603EPSS
Exploits13References40
SUSE CVE
SUSE CVE
added 2023/02/15 3:25 a.m.2 views

SUSE CVE-2022-31107

Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of...

7.1CVSS8.6AI score0.02039EPSS
Exploits0References18
ALT Linux
ALT Linux
added 2023/01/31 12:0 a.m.52 views

Security fix for the ALT Linux 10 package grafana version 8.5.20-alt1

8.5.20-alt1 built Jan. 31, 2023 Alexey Shabalin in task 314152 Jan. 25, 2023 Alexey Shabalin - 8.5.20 - Fixes: + CVE-2022-39307 + CVE-2022-39306 + CVE-2022-39229 + CVE-2022-39201 + CVE-2022-36062 + CVE-2022-35957 + CVE-2022-31130 + CVE-2022-31123 + CVE-2022-31107 + CVE-2022-31097 + CVE-2022-29170...

4.9CVSS6.5AI score0.68603EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/12/14 12:0 a.m.26 views

SUSE: Security Advisory (SUSE-SU-2022:4428-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.4AI score0.88849EPSS
Exploits45References4
OpenVAS
OpenVAS
added 2022/10/27 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2022:3747-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS8.9AI score0.68603EPSS
Exploits0References8
OpenVAS
OpenVAS
added 2022/10/27 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2022:3751-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.7CVSS8.6AI score0.68603EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2022/07/28 12:0 a.m.40 views

Oracle Linux 8 : grafana (ELSA-2022-5717)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-5717 advisory. 7.5.11-3 - resolve CVE-2022-31107 grafana: OAuth account takeover Tenable has extracted the preceding description block directly from the Oracle Linux security...

7.5CVSS7.8AI score0.02039EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/07/26 3:1 p.m.40 views

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS7.2AI score0.02039EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/07/26 2:55 p.m.45 views

Important: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

7.5CVSS7.2AI score0.02039EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2022/07/26 1:54 p.m.27 views

grafana security update

An update is available for grafana. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Grafana is an open source, feature rich metrics dashboard and graph editor fo...

7.5CVSS7.7AI score0.02039EPSS
Exploits0
OSV
OSV
added 2022/07/26 1:52 p.m.26 views

RLSA-2022:5716 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: OAuth account takeover CVE-2022-31107 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.1CVSS7.4AI score0.02039EPSS
Exploits0References2
OSV
OSV
added 2022/07/26 12:0 a.m.33 views

ALSA-2022:5716 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: OAuth account takeover CVE-2022-31107 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...

7.5CVSS7.3AI score0.02039EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/07/26 12:0 a.m.32 views

RHEL 8 : grafana (RHSA-2022:5720)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:5720 advisory. Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: OAuth account...

7.5CVSS7.9AI score0.02039EPSS
Exploits0References4
Rows per page
Query Builder