1051 matches found
grafana: arbitrary file read via MySQL data source
Grafana has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations...
Moderate: grafana security, bug fix, and enhancement update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. The following packages have been upgraded to a later upstream version: grafana 6.7.4. BZ1807323 Security Fixes: grafana: XSS vulnerability via a column style on the "Dashboard Table Panel...
UBUNTU-CVE-2020-24303
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource...
Yandex Browser Access Control Error Vulnerability
Yandex Browser is a desktop version of the web browser from the Russian company Yandex. Yandex Browser suffers from a security vulnerability that originates from a critical information vulnerability incorrectly displayed in the user interface UI on the address bar, which can be exploited by an...
Yandex Browser Information Disclosure Vulnerability
Yandex Browser is a desktop version of the web browser from the Russian company Yandex. Yandex Browser suffers from an information disclosure vulnerability that originates from a critical information vulnerability that is incorrectly displayed in the user interface UI on the address bar, which ca...
CVE-2020-7363
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects UCWeb's UC Browser version 13.0.8 and prior versions...
CVE-2020-7369
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Yandex Browser version 20.8.3 and prior versions, and was fixed in version...
CVE-2020-7370
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of Danyil Vasilenko's Bolt Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Bolt Browser version 1.4 and prior versions...
CVE-2020-7371
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the RITS Browser version 3.3.9 and prior versions...
CVE-2020-7364
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects UCWeb's UC Browser version 13.0.8 and prior versions...
Design/Logic Flaw
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the Yandex Browser version 20.8.3 and prior versions, and was fixed in version...
Design/Logic Flaw
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects UCWeb's UC Browser version 13.0.8 and prior versions...
Design/Logic Flaw
User Interface UI Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser. This issue affects the RITS Browser version 3.3.9 and prior versions...
CVE-2017-8507
creationtimestamp| type| source ---|---|--- 2020-10-09 16:19:14+00:00| seen| MISP/5bbda357-1bcd-44a4-b7b3-14d78dcb2eec...
CVE-2020-9856
creationtimestamp| type| source ---|---|--- 2020-10-01 14:59:34+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/osx/browser/safariinoperatorsideeffect.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:32+00:00|...
The vulnerability of the WebSockets API component of the CodeMeter license control application allows a perpetrator to gain unauthorized access to modify or create license files for CmActLicense.
The vulnerability of the WebSockets API of the CodeMeter license control application is related to a data source confirmation error. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to modify or create CmActLicense license files...
CVE-2014-10402
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the fdir attribute in the data source name DSN. NOTE: this issue exists because of an incomplete fix for CVE-2014-10401...
DEBIAN-CVE-2014-10402
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the fdir attribute in the data source name DSN. NOTE: this issue exists because of an incomplete fix for CVE-2014-10401...
ALPINE-CVE-2014-10402
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the fdir attribute in the data source name DSN. NOTE: this issue exists because of an incomplete fix for CVE-2014-10401...
AZL-41925 CVE-2014-10402 affecting package perl-DBI for versions less than 1.632-1
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the fdir attribute in the data source name DSN. NOTE: this issue exists because of an incomplete fix for CVE-2014-10401...