1033 matches found
CVE-2022-4529
creationtimestamp| type| source ---|---|--- 2024-09-05 13:50:23+00:00| seen| https://t.me/cvedetector/4901...
OPENSUSE-SU-2024:0274-1 Security update for cacti, cacti-spine
This update for cacti, cacti-spine fixes the following issues: - cacti 1.2.27: CVE-2024-34340: Authentication Bypass when using using older password hashes boo1224240 CVE-2024-25641: RCE vulnerability when importing packages boo1224229 CVE-2024-31459: RCE vulnerability when plugins include files...
CVE-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
CVE-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
CVE-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
CVE-2024-6322
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
Grafana 安全漏洞
Grafana is a set of open source monitoring tools from Grafana open source that provides a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A security vulnerability exists in Grafana that stems from the fact that if a...
CVE-2024-6782
creationtimestamp| type| source ---|---|--- 2024-08-06 07:28:44+00:00| seen| https://t.me/cvedetector/2527 2024-08-06 15:34:46+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8184 2024-08-07 07:34:24+00:00| seen| https://t.me/proxybar/2214 2024-08-07 17:42:22+00:00| seen|...
Dify Detected
This is an informational plugin to inform the user that the scanner has detected a publicly accessible Dify instance on the target application. Dify is an open-source LLM app development platform. This detection is included in the AI and LLM category. No source data...
VulnCheck KEV: CVE-2019-15637
Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop...
The vulnerability of the MySQL Data Source Handler component of the Apache Linkis application connection, management, and orchestration software allows a attacker to execute arbitrary code.
The vulnerability of the MySQL Data Source Handler component of the Apache Linkis connection management and orchestration software lies in defects in the deserialization mechanism. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by introducing specially crafted...
The vulnerability of the DataSource Manager module of the Apache Linkis application connection, management, and orchestration software allows a attacker to execute arbitrary code.
The vulnerability of the DataSourceManager module in the Apache Linkis application connection, management, and orchestration software is related to the lack of effective parameter filtering. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by injecting JNDI...
Grafana plugins route actions are not scoped to instance
Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account is granted associated access to any other data source, as the ReqActions check was not scoped to each specific datasource. The account must have prior query...
H2O Flow Detected
This is an informational plugin to inform the user that the scanner has detected a publicly accessible H2O Flow instance on the target application. H2O Flow is an open-source user interface for H2O, an open-source, distributed and scalable machine learning and predictive analytics platform. This...
Apache Linkis Code Issue Vulnerability
Apache Linkis is a middleware product of the U.S. Apache Apache Foundation, which can establish an effective connection between upper-tier applications and the underlying data engine. Apache Linkis 1.6.0 before the version of the code problem vulnerability, the vulnerability stems from the data...
Apache Linkis DataSource remote code execution vulnerability
In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...
CVE-2023-46801
In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...
CVE-2023-46801
In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...
CVE-2023-46801 Apache Linkis DataSource: DataSource Remote code execution vulnerability
In Apache Linkis = 1.8.0241. Or users upgrade Linkis to version 1.6.0...
CVE-2023-46801
Apache Linkis vulnerable to remote code execution in the DataSource MySQL handler for versions = 1.8.0_241 and/or upgrade Linkis to version 1.6.0. If upgrading is not immediately possible, validate and restrict JRMP usage and account privileges to reduce exposure. If exploitation details are not ...