Lucene search
K

27 matches found

vulnersOsv
vulnersOsv
added 2025/06/30 7:35 p.m.9 views

org.graylog.plugins:graylog-plugin-parent (>=6.2.0 <=6.2.14), org.graylog.plugins:graylog-plugin-web-parent (>=6.2.0 <=6.2.14) potentially affected by CVE-2025-53106 via org.graylog2:graylog2-server (>=6.2.0 <=6.2.3)

org.graylog2:graylog2-server MAVEN version =6.2.0, =6.2.0, =6.2.0, =6.2.14 Source cves: CVE-2025-53106 Source advisory: OSV:GHSA-3M86-C9X3-VWM9...

8.8CVSS5.8AI score0.005EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/06/30 7:35 p.m.7 views

org.graylog.plugins:graylog-plugin-parent (>=6.2.0 <=6.2.14), org.graylog.plugins:graylog-plugin-web-parent (>=6.2.0 <=6.2.14) potentially affected by CVE-2025-53106 via org.graylog2:graylog2-server (>=6.2.0 <=6.2.3)

org.graylog2:graylog2-server MAVEN version =6.2.0, =6.2.0, =6.2.0, =6.2.14 Source cves: CVE-2025-53106 Source advisory: SNYK:JAVA-ORGGRAYLOG2-10571076...

8.8CVSS5.8AI score0.005EPSS
Exploits0
Snyk
Snyk
added 2025/06/30 7:35 p.m.5 views

Improper Authorization

Overview org.graylog2:graylog2-server is a log management platform. Affected versions of this package are vulnerable to Improper Authorization via an incorrect permission check in the token creation process. An attacker can gain elevated privileges by crafting requests to the REST API and creatin...

8.8CVSS6.9AI score0.005EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/05/07 4:48 p.m.6 views

org.graylog.plugins:graylog-plugin-parent (>=6.0.0 <=6.0.13), org.graylog.plugins:graylog-plugin-web-parent (>=6.0.0 <=6.0.13) potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=6.0.0 <=6.0.13)

org.graylog2:graylog2-server MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.13 Source cves: CVE-2025-46827 Source advisory: SNYK:JAVA-ORGGRAYLOG2-10116752...

8CVSS5.8AI score0.00229EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/05/07 4:48 p.m.8 views

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=6.1.0 <=6.1.3), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=6.1.0) +3 more potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=6.1.0 <=6.1.1)

org.graylog2:graylog2-server MAVEN version =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.1 Source cves: CVE-2025-46827 Source advisory: SNYK:JAVA-ORGGRAYLOG2-10116752...

8CVSS5.8AI score0.00229EPSS
Exploits0
Snyk
Snyk
added 2025/05/07 4:48 p.m.3 views

Cross-site Scripting (XSS)

Overview org.graylog2:graylog2-server is a log management platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Event Definition Remediation Step field. An attacker can obtain user session cookies by submitting an HTML form. Note: This is only exploitable ...

8.5CVSS5.3AI score0.00229EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/05/07 3:27 p.m.8 views

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=6.1.0 <=6.1.3), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=6.1.0) +3 more potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=6.1.0 <=6.1.1)

org.graylog2:graylog2-server MAVEN version =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.1 Source cves: CVE-2025-46827 Source advisory: OSV:GHSA-76VF-MPMX-777J...

8CVSS5.8AI score0.00229EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/05/07 3:27 p.m.6 views

com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=1.1.0 <=4.1.1), com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=1.0.0 <=5.2.1) +12 more potentially affected by CVE-2025-46827 via org.graylog2:graylog2-server (>=1.0.0-beta.3 <=6.0.13)

org.graylog2:graylog2-server MAVEN version =1.0.0-beta.3, =1.1.0, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.2.0, =1.1.0, =2.2.0, =2.2.0, =1.0.3, =1.0.0, =1.2.0, =1.3.4 Source cves: CVE-2025-46827 Source advisory: OSV:GHSA-76VF-MPMX-777J...

8CVSS5.4AI score0.00229EPSS
Exploits0
Snyk
Snyk
added 2025/05/07 3:27 p.m.1 views

Cross-site Scripting (XSS)

Overview org.graylog2:graylog2-server is a log management platform. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the plugins and API Browser. An attacker with the FILESCREATE permission can upload and execute arbitrary Javascript, leading to unauthorized action...

8.7CVSS5.6AI score
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/05/07 3:27 p.m.11 views

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=6.0.0 <=6.1.7), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (>=6.0.0 <=6.1.0) +3 more potentially affected by unknown CVE via org.graylog2:graylog2-server (>=6.0.0 <=6.1.8)

org.graylog2:graylog2-server MAVEN version =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.0.0, =6.1.16 Source cves: unknown CVE Source advisory: SNYK:JAVA-ORGGRAYLOG2-10121303...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/05/07 3:27 p.m.9 views

com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=1.1.0 <=4.1.1), com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=1.0.0 <=6.1.7) +12 more potentially affected by unknown CVE via org.graylog2:graylog2-server (>=1.0.0-beta.3 <=6.1.8)

org.graylog2:graylog2-server MAVEN version =1.0.0-beta.3, =1.1.0, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.2.0, =1.1.0, =2.2.0, =2.2.0, =1.0.3, =1.0.0, =1.2.0, =1.3.4 Source cves: unknown CVE Source advisory: OSV:GHSA-Q9Q2-3PPX-MWQF...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2025/04/07 4:37 p.m.8 views

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=6.1.0 <=6.1.7), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=6.1.0) +3 more potentially affected by CVE-2025-30373 via org.graylog2:graylog2-server (>=6.1.0 <=6.1.8)

org.graylog2:graylog2-server MAVEN version =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.16 Source cves: CVE-2025-30373 Source advisory: OSV:GHSA-Q7G5-JQ6P-6WVX...

6.5CVSS5.8AI score0.0031EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/04/07 3:41 p.m.6 views

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=6.1.0 <=6.1.7), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=6.1.0) +3 more potentially affected by CVE-2025-30373 via org.graylog2:graylog2-server (>=6.1.0 <=6.1.8)

org.graylog2:graylog2-server MAVEN version =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.0, =6.1.16 Source cves: CVE-2025-30373 Source advisory: SNYK:JAVA-ORGGRAYLOG2-9668945...

6.5CVSS5.8AI score0.0031EPSS
Exploits0
Snyk
Snyk
added 2025/04/07 3:41 p.m.5 views

Authentication Bypass Using an Alternate Path or Channel

Overview org.graylog2:graylog2-server is a log management platform. Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel in the channelRead0 function. An attacker can bypass authentication by sending HTTP requests without required...

6.5CVSS7.1AI score0.0031EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2024/02/07 6:24 p.m.5 views

org.graylog.plugins:graylog-plugin-parent (>=5.2.0 <=5.2.12), org.graylog.plugins:graylog-plugin-web-parent (>=5.2.0 <=5.2.12) potentially affected by CVE-2024-24823 via org.graylog2:graylog2-server (>=5.2.0-alpha.1 <=5.2.3)

org.graylog2:graylog2-server MAVEN version =5.2.0-alpha.1, =5.2.0, =5.2.0, =5.2.12 Source cves: CVE-2024-24823 Source advisory: OSV:GHSA-3XF8-G8GR-G7RH...

5.7CVSS6AI score0.00414EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/02/07 6:24 p.m.5 views

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=4.4.0 <=5.0.0), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (>=4.2.0 <=5.0.0) +4 more potentially affected by CVE-2024-24823 via org.graylog2:graylog2-server (>=4.3.0 <=5.1.10)

org.graylog2:graylog2-server MAVEN version =4.3.0, =4.4.0, =4.2.0, =4.2.0, =2.0.0, =4.3.0, =4.3.0, =5.1.10 Source cves: CVE-2024-24823 Source advisory: OSV:GHSA-3XF8-G8GR-G7RH...

5.7CVSS6AI score0.00414EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/02/07 6:23 p.m.9 views

org.graylog.plugins:graylog-plugin-parent (>=5.2.0 <=5.2.12), org.graylog.plugins:graylog-plugin-web-parent (>=5.2.0 <=5.2.12) potentially affected by CVE-2024-24824 via org.graylog2:graylog2-server (>=5.2.0-alpha.1 <=5.2.3)

org.graylog2:graylog2-server MAVEN version =5.2.0-alpha.1, =5.2.0, =5.2.0, =5.2.12 Source cves: CVE-2024-24824 Source advisory: OSV:GHSA-P6GG-5HF4-4RGJ...

8.8CVSS7.2AI score0.34498EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2024/02/07 6:23 p.m.5 views

com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=1.1.0 <=4.1.1), com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (>=1.0.0 <=5.0.0) +10 more potentially affected by CVE-2024-24824 via org.graylog2:graylog2-server (>=2.0.0 <=5.1.10)

org.graylog2:graylog2-server MAVEN version =2.0.0, =1.1.0, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =1.0.0, =1.0.1, =2.2.0, =1.1.0, =2.2.0, =2.2.0, =1.1.2, =2.2.0-alpha.1 Source cves: CVE-2024-24824 Source advisory: OSV:GHSA-P6GG-5HF4-4RGJ...

8.8CVSS7.2AI score0.34498EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2023/07/06 8:53 p.m.7 views

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (=5.2.0), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=5.1.2) +3 more potentially affected by CVE-2023-41044 via org.graylog2:graylog2-server (>=5.1.0 <=5.1.2)

org.graylog2:graylog2-server MAVEN version =5.1.0, =5.1.0, =5.1.0, =5.1.13 Source cves: CVE-2023-41044 Source advisory: OSV:GHSA-2Q4P-F6GF-MQR5...

3.8CVSS5.8AI score0.00569EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2023/07/06 8:51 p.m.7 views

com.airbus-cyber-security.graylog:graylog-plugin-alert-wizard (=5.2.0), com.airbus-cyber-security.graylog:graylog-plugin-correlation-count (=5.1.2) +3 more potentially affected by CVE-2023-41045 via org.graylog2:graylog2-server (>=5.1.0 <=5.1.2)

org.graylog2:graylog2-server MAVEN version =5.1.0, =5.1.0, =5.1.0, =5.1.13 Source cves: CVE-2023-41045 Source advisory: OSV:GHSA-G96C-X7RH-99R3...

5.3CVSS6AI score0.00295EPSS
Exploits1
Rows per page
Query Builder