172 matches found
Fedora: Security Advisory for grafana (FEDORA-2022-83405f9d5b)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for grafana (FEDORA-2022-9dd03cab55)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 34 Update: grafana-7.5.15-2.fc34
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...
[SECURITY] Fedora 35 Update: grafana-7.5.15-2.fc35
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...
AlmaLinux 8 : grafana (ALSA-2020:4682)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4682 advisory. - Grafana 5.3.1 has XSS via a column style on the Dashboard Table Panel screen. NOTE: this issue exists because of an incomplete fix for CVE-2018-12099...
[SECURITY] Fedora 35 Update: grafana-7.5.11-3.fc35
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...
Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: golang: net/http: limit growth of header canonicalization cache CVE-2021-44716 For more details about the security issues, including the impact, a CVSS score,...
Fedora: Security Advisory for grafana (FEDORA-2021-01588ab0bf)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 35 Update: grafana-7.5.11-1.fc35
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...
Important: grafana security update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: grafana: Snapshot authentication bypass CVE-2021-39226 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
[SECURITY] Fedora 34 Update: grafana-7.5.10-1.fc34
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...
GHSA-HV53-Q76C-7F8C OS Command Injection in OpenTSDB
A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. tsd/GraphHandler.java attempted to prevent comma...
io.kamon:kamon-opentsdb_2.10 (=0.6.7), io.kamon:kamon-opentsdb_2.11 (=0.6.7) +2 more potentially affected by CVE-2020-35476 via net.opentsdb:opentsdb (>=2.3.0 <=2.4.0)
net.opentsdb:opentsdb MAVEN version =2.3.0, =2.3.2, =2.4.0 Source cves: CVE-2020-35476 Source advisory: OSV:GHSA-HV53-Q76C-7F8C...
OS Command Injection in OpenTSDB
A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. tsd/GraphHandler.java attempted to prevent comma...
OpenTSDB HTTP Detection
Binary data opentsdbhttpdetect.nbin...
OpenTSDB yrange RCE (direct check)
Binary data opentsdbyrangerce.nbin...
StumbleUpon OpenTSDB Remote Code Execution (CVE-2020-35476)
A remote code execution vulnerability exists in StumbleUpon OpenTSDB. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
[SECURITY] Fedora 33 Update: grafana-7.3.6-1.fc33
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...
[SECURITY] Fedora 32 Update: grafana-7.3.6-1.fc32
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...
OpenTSDB Command Injection Vulnerability
OpenTSDB is a distributed, scalable time series database TSDB based on Hbase. A command execution vulnerability exists in OpenTSDB 2.4.0 and earlier versions. An attacker can exploit this vulnerability to achieve remote code execution via the yrange parameter injection command...