20 matches found
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the absence of snapshot context in the cephzeropartialobject function within Ceph. This...
EUVD-2016-4153
Malware in sbrugna...
EUVD-2014-0035
Malware in sbrugna...
CVE-2025-44019
AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service. Depending on the timing of the crash, data present in snapshots/write cache may...
CVE-2025-44019 AVEVA PI Data Archive Uncaught Exception
AVEVA PI Data Archive products are vulnerable to an uncaught exception that, if exploited, could allow an authenticated user to shut down certain necessary PI Data Archive subsystems, resulting in a denial of service. Depending on the timing of the crash, data present in snapshots/write cache may...
U.S. Dept Of Defense: CVE-2021-39226 Discovered on endpoint https://██████/api/snapshots
CVE-2021-39226 was discovered in Grafana, where authenticated and unauthenticated users were able to view and delete snapshots by accessing specific endpoints. The vulnerability allowed for unauthorized access and deletion of snapshot data...
SUSE CVE-2016-3097
Cross-site scripting XSS vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data...
Grafana Authentication Bypass Vulnerability
Grafana contains an authentication bypass vulnerability that allows authenticated and unauthenticated users to view and delete all snapshot data, potentially resulting in complete snapshot data loss...
VulnCheck KEV: CVE-2021-39226
Grafana contains an authentication bypass vulnerability that allows authenticated and unauthenticated users to view and delete all snapshot data, potentially resulting in complete snapshot data loss...
FreeBSD : Grafana -- Snapshot authentication bypass (757ee63b-269a-11ec-a616-6c3be5272acd)
Grafana Labs reports : Unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths : - /dashboard/snapshot/:key, or - /api/snapshots/:key If the snapshot 'publicmode' configuration setting is set to true vs default of false,...
CVE-2021-39226
Grafana is an open source data visualization platform. In affected versions unauthenticated and authenticated users are able to view the snapshot with the lowest database key by accessing the literal paths: /dashboard/snapshot/:key, or /api/snapshots/:key. If the snapshot “publicmode” configurati...
Cross-Site Scripting (XSS)
Red Hat Satellite is vulnerable to cross-site scripting XSS. The vulnerability exists in the way spacewalk-java displays group names. This allows an attacker to inject arbitrary web script or HTML into the web page that is then displayed when viewing the snapshot data...
CVE-2016-3097
Cross-site scripting XSS vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data...
CVE-2016-3097
Cross-site scripting XSS vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data...
Cross site scripting
Cross-site scripting XSS vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data...
CVE-2016-3097
Cross-site scripting XSS vulnerability in spacewalk-java in Red Hat Satellite 5.7 allows remote attackers to inject arbitrary web script or HTML via a group name, related to viewing snapshot data...
CVE-2016-3097
CVE-2016-3097 is a stored cross-site scripting (XSS) vulnerability in spacewalk-java used by Red Hat Satellite 5.7. The flaw allows an attacker to inject HTML/Script via group names, affecting snapshot view data. Public advisories (RHSA-2016:1484) document this as a fix in spacewalk-java, with re...
spacewalk-java: Multiple XSS flaws
A stored cross-site scripting XSS flaw was found in the way spacewalk-java displayed group names. An attacker can embed HTML and Javascript in the values for group names in Satellite, allowing them to inject malicious content into the web page that is then displayed when viewing the snapshot data...
PT-2016-5368 · Red Hat · Red Hat Satellite
Name of the Vulnerable Software and Affected Versions: Red Hat Satellite version 5.7 Description: A cross-site scripting XSS issue exists, allowing remote attackers to inject arbitrary web script or HTML via a group name when viewing snapshot data. Recommendations: For Red Hat Satellite version...
PYSEC-2013-35
The clearvolume function in LVMVolumeDriver driver in OpenStack Cinder 2013.1.1 through 2013.1.2 does not properly clear data when deleting a snapshot, which allows local users to obtain sensitive information via unspecified vectors...