Microsoft Security Advisory CVE-2024-38081 | .NET Elevation of Privilege Vulnerability

Microsoft Security Advisory CVE-2024-38081 | .NET Elevation of Privilege Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0 . This advisory also provides guidance on what developers can do to update their...

GHSA-HQ7W-XV5X-G34J Microsoft Security Advisory CVE-2024-38081 | .NET Elevation of Privilege Vulnerability

Microsoft Security Advisory CVE-2024-38081 | .NET Elevation of Privilege Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 6.0 . This advisory also provides guidance on what developers can do to update their...

Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0. This advisory also provides guidance on what developers can do to update their applications t...

GHSA-HH2W-P6RV-4G7W Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability

Microsoft Security Advisory CVE-2024-30105 | .NET Denial of Service Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 8.0. This advisory also provides guidance on what developers can do to update their applications t...

Grafana folders admin only permission privilege escalation

Today we are releasing Grafana 9.1.6, 9.0.9, 8.5.13. This patch release includes a Moderate severity security fix for CVE-2022-36062 that affects Grafana instances which are using Grafana role-based access control RBAC. Release 9.1.6, latest patch, also containing security fix: - Download Grafana...

Grafana User enumeration via forget password

Today we are releasing Grafana 9.2.4. Alongside other bug fixes, this patch release includes moderate security fixes for CVE-2022-39307. We are also releasing security patches for Grafana 8.5.15 to fix these issues. Release 9.2.4, latest patch, also containing security fix: - Download Grafana 9.2...

Grafana Fine-grained access control vulnerability

Impact On Nov. 2, during an internal security audit, we discovered that when the fine-grained access control beta feature is enabled and there is more than one organization in the Grafana instance, Grafana 8.0 introduced a mechanism which allowed users with the Organization Admin role to list, ad...

GHSA-CMF4-H3XC-JW8W Grafana Cross Site Request Forgery (CSRF)

Today we are releasing Grafana 8.3.5 and 7.5.15. This patch release includes MEDIUM severity security fix for Cross Site Request Forgery for Grafana. Release v.8.3.5, only containing security fixes: - Download Grafana 8.3.5 - Release notes Release v.7.5.15, only containing security fixes: -...

GHSA-W4M3-43GP-X8HX .NET Remote Code Execution vulnerability

Microsoft Security Advisory CVE-2023-28260: .NET Remote Code Execution Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 7.0 and .NET 6.0. This advisory also provides guidance on what developers can do to update thei...

CVE-2017-15597 - Citrix XenServer Security Update

Description of Problem A security vulnerability has been identified in Citrix XenServer that may allow a malicious administrator of a guest VM to compromise the host. This vulnerability affects all currently supported versions of Citrix XenServer up to and including Citrix XenServer 7.2. The...