CVE-2019-19398

creationtimestamp| type| source ---|---|--- 2024-03-17 12:11:21+00:00| seen| https://t.me/ctinow/209880...

CVE-2024-2495

creationtimestamp| type| source ---|---|--- 2024-03-15 14:26:42+00:00| seen| https://t.me/ctinow/208797 2025-08-12 13:33:28+00:00| seen| MISP/02fb130c-7874-4693-9b66-81ed91a2e996 2025-08-21 03:19:29+00:00| seen| MISP/02fb130c-7874-4693-9b66-81ed91a2e996...

Grafana Labs 10.0.x < 10.0.12 / 10.1.x < 10.1.8 / 10.2.x < 10.2.5 / 10.3.x < 10.3.4 / 8.5.x < 9.5.7 (CVE-2024-1442)

The version of Grafana Labs installed on the remote host is prior to 10.0.12, 10.1.8, 10.2.5, 10.3.4, or 9.5.7. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-1442 advisory. - A user with the permissions to create a data source can use Grafana API to create a data...

BIT-GRAFANA-2024-1442 User with permissions to create a data source can CRUD all data sources

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...

Apache Linkis Log Information Disclosure Vulnerability

Apache Linkis is a middleware product of the U.S. Apache Apache Foundation, which can establish an effective connection between upper-tier applications and the underlying data engine. Apache Linkis 1.4.0 and earlier versions have a log information disclosure vulnerability, the vulnerability stems...

CVE-2019-7004

creationtimestamp| type| source ---|---|--- 2024-03-10 15:16:12+00:00| seen| https://t.me/ctinow/204281...

SUSE CVE-2024-1442

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...

Improper Authorization

github.com/grafana/grafana/ is vulnerable to Improper Authorization. The vulnerability is due to the API allowing the creation of a data source with a universal identifier UID, granting unintended access to all organization data sources...

CVE-2024-23264

creationtimestamp| type| source ---|---|--- 2024-03-08 03:26:28+00:00| seen| https://t.me/ctinow/202987 2024-03-08 03:32:03+00:00| seen| https://t.me/ctinow/203007...

CVE-2024-1442

A flaw was found in Grafana, where setting the Grafana API Data Source UID to '' Grants Unrestricted Access, grants a user the ability to set the UID to '' via the Grafana API poses a severe security risk. This issue enables unauthorized access to read, query, edit, and delete all data sources...

CVE-2024-1442

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...

Information disclosure

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...

UBUNTU-CVE-2024-1442

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...

CVE-2024-1442

CVE-2024-1442 affects Grafana. A user with permission to create a data source can abuse the Grafana API to create a data source with UID set to *, granting the attacker read, query, edit, and delete rights across all data sources in the organization. This is a privilege escalation/compromise of d...

CVE-2024-1442 User with permissions to create a data source can CRUD all data sources

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...

The vulnerability of the MeshCentral device remote management system, related to deficiencies in the data source verification mechanism, allows a hacker to execute arbitrary code.

The vulnerability of the MeshCentral device management system is related to deficiencies in the mechanism for verifying the source of data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

User with permissions to create a data source can CRUD all data sources

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization. Impacted Versions: 8.5.0 9.5.7 10.0.0 10.0.12 10.1.0 10.1.8 10.2.0 10.2...

CVE-2023-50740

In Apache Linkis =1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module. We recommend users upgrade the version of Linkis to version 1.5.0...

Design/Logic Flaw

In Apache Linkis =1.4.0, The password is printed to the log when using the Oracle data source of the Linkis data source module. We recommend users upgrade the version of Linkis to version 1.5.0...

CVE-2023-50740

CVE-2023-50740 affects Apache Linkis