CVE-2024-13688

creationtimestamp| type| source ---|---|--- 2025-04-28 09:40:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnuhxieo5u2b 2025-04-28 09:52:50+00:00| seen| https://t.me/cvedetector/23887...

CVE-2023-35815

DevExpress before 23.1.3 has a data-source protection mechanism bypass during deserialization on XML data...

CVE-2023-35815

DevExpress before 23.1.3 has a data-source protection mechanism bypass during deserialization on XML data...

CVE-2023-35815

DevExpress before 23.1.3 has a vulnerability where the data-source protection mechanism can be bypassed during XML deserialization. Affected product: DevExpress (pre-23.1.3). Root cause: bypass of data-source protection on XML data. Practical impact (as stated): potential unauthorized access or m...

PT-2025-18085 · Devexpress · Devexpress

Name of the Vulnerable Software and Affected Versions: DevExpress versions prior to 23.1.3 Description: The issue concerns a data-source protection mechanism bypass during the deserialization of XML data. This means that the normal protections in place to safeguard data sources can be circumvente...

CVE-2025-3980

creationtimestamp| type| source ---|---|--- 2025-04-27 18:10:40+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13628 2025-04-27 21:20:12+00:00| seen| https://t.me/cvedetector/23851 2025-04-27 21:40:21+00:00| seen|...

CVE-2025-3673

creationtimestamp| type| source ---|---|--- 2025-04-23 21:14:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnj4fc3zvb24...

CVE-2025-3454

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily...

Grafana 授权问题漏洞

Grafana is a set of open source monitoring tools from Grafana open source that provides a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. An authorization issue vulnerability exists in Grafana versions prior to 10.4....

PT-2025-17604

Name of the Vulnerable Software and Affected Versions Grafana version 10.4.0 Description The issue concerns improper authorization in the Data Source Proxy API. Recommendations For Grafana version 10.4.0, update to a version that includes the fix for this issue. At the moment, there is no...

CVE-2025-31328

creationtimestamp| type| source ---|---|--- 2025-04-22 21:09:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lngln3ulrl2c 2025-04-22 22:35:16+00:00| seen| https://t.me/cvedetector/23541...

CVE-2025-32913

creationtimestamp| type| source ---|---|--- 2025-04-14 13:54:53+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/11611 2025-04-14 14:49:38+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114336869784628007 2025-04-14 16:33:37+00:00| seen|...

CVE-2025-30296

creationtimestamp| type| source ---|---|--- 2025-04-08 22:22:26+00:00| seen| https://t.me/cvedetector/22504...

CVE-2025-32018

creationtimestamp| type| source ---|---|--- 2025-04-08 17:48:13+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114303598060531170 2025-04-08 19:22:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmd756sgdk2f...

Citrix Director - Unable to retrieve the list of Connections

Citrix Director does not show any 'Connection' information under 'Filters'. There is an error displayed in Director: "Data source unresponsive or reported an error. View Director server event logs for further information Refer Citrix KB article CTX130320" You can also find an event ID 5 logged by...

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the alteration of the JDBC connection configuration. An attacker can execute arbitrary code by modifying the JDBC settings if they gain system or project admin permissions. Remediation Upgrade...

RHSA-2025:2879

creationtimestamp| type| source ---|---|--- 2025-03-27 04:25:50+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9006 2025-03-27 04:25:50+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9007 2025-03-27 04:25:51+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9008 2025-03-27 04:25:52+00:00...

Grafana -- Authorization bypass in data source proxy API

Grafana Labs reports: This vulnerability, which was discovered while reviewing a pull request from an external contributor, effects Grafana’s data source proxy API and allows authorization checks to be bypassed by adding an extra slash character / in the URL path. Among Grafana-maintained data...

CVE-2025-1635

Exposure of sensitive information in hub data source export feature in Devolutions Remote Desktop Manager 2024.3.29 and earlier on Windows allows a user exporting a hub data source to include his authenticated session in the export due to faulty business logic...

CVE-2024-44228

creationtimestamp| type| source ---|---|--- 2025-03-13 17:45:03+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7448 2025-10-01 18:11:57+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6 2025-10-08 21:59:29+00:00| seen| MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6...