CLSA-2026-1777944610 grafana: Fix of CVE-2026-27877

CVE-2026-27877: fix exposure of direct data-source passwords via public dashboards by limiting frontend settings to data sources actually used by the dashboard - Note: upstream test additions in pkg/api/frontendsettingstest.go are not backported. The %check stage only runs the Jest frontend suite...

EUVD-2019-4852

Malware in sbrugna...

CVE-2019-13348

In Knowage through 6.1.1, an authenticated user who accesses the datasources page will gain access to any data source credentials in cleartext, which includes databases...

ARC Informatique PcVue 日志信息泄露漏洞

ARC Informatique PcVue is a multifunctional HMI-SCADA software from ARC Informatique, France, an all-in-one solution that monitors all aspects of a customer's assets.PcVue is used in a wide range of applications such as industrial control, building management, energy management, smart grids, ener...

CVE-2018-5436

The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contain multiple vulnerabilities that may allow for the disclosure of information, including user and data source credentials. Affected releases are TIBCO Softwa...

CVE-2013-0651

The Portal installation process in GE Intelligent Platforms Proficy Real-Time Information Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to read configuration files, and discover data-source credentials, via a direct request...

Improper access control

The Portal installation process in GE Intelligent Platforms Proficy Real-Time Information Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to read configuration files, and discover data-source credentials, via a direct request...

CVE-2013-0651

The Portal installation process in GE Intelligent Platforms Proficy Real-Time Information Portal stores sensitive information under the web root with insufficient access control, which allows remote attackers to read configuration files, and discover data-source credentials, via a direct request...

CVE-2013-0651

The CVE-2013-0651 issue affects GE Intelligent Platforms Proficy Real-Time Information Portal. A misconfiguration in the Portal installation places sensitive files under the web root with insufficient access control, allowing unauthenticated remote retrieval of configuration data and data-source ...