2131 matches found
CVE-2021-41090
Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...
CVE-2021-41090
Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...
Authentication flaw
Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...
CVE-2021-41090 Instance config inline secret exposure
Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...
PT-2021-23081 · Grafana · Grafana Agent
Name of the Vulnerable Software and Affected Versions: Grafana Agent versions prior to 0.20.1 and 0.21.2 Description: The issue concerns the exposure of inline secrets in plaintext over two endpoints: /-/config for metrics instance configs defined in the base YAML file and...
Grafana信息泄露漏洞
Grafana is a set of open source monitoring tools from Grafana Labs that provides a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, etc. An information disclosure vulnerability exists in Grafana Agent versions 0.20.1 and earlier an...
CVE-2021-22951
Unauthorized individuals could view password protected files using viewinline in Concrete CMS previously concrete 5 prior to version 8.5.7. Concrete CMS now checks to see if a file has a password in viewinline and, if it does, the file is not rendered.For version 8.5.6, the following mitigations...
GSD-2021-1002170 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...
UVI-2021-1002170 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15 by commit...
GSD-2021-1002101 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.14.15 by commit...
GSD-2021-1002042 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.76 by commit...
UVI-2021-1002005 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.156 by commit...
UVI-2021-1001980 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.214 by commit...
GSD-2021-1001958 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.253 by commit...
UVI-2021-1001958 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.253 by commit...
GSD-2021-1001937 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.288 by commit...
UVI-2021-1001937 ocfs2: fix data corruption after conversion from inline format
ocfs2: fix data corruption after conversion from inline format This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.288 by commit...
OESA-2021-1427 virglrenderer security update
The virgil3d rendering library is a library used by qemu to implement 3D GPU support for the virtio GPU. Security Fixes: An out-of-bounds read in the vrendblitneedswizzle function in vrendrenderer.c in virglrenderer through 0.8.0 allows guest OS users to cause a denial of service via VIRGLCCMDBLI...
Mozilla Firefox Security Advisory (MFSA2011-27) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Mozilla: iframe sandbox rules did not apply to XSLT stylesheets
The Mozilla Foundation Security Advisory describes this flaw as: The iframe sandbox rules were not correctly applied to XSLT stylesheets, allowing an iframe to bypass restrictions such as executing scripts or navigating the top-level frame...