Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

NVD
NVDadded 2026/05/08 7:16 a.m.5 views

CVE-2025-67886

Bitrix24 through 25.100.300 allows Remote Code Execution because an actor with SOURCE/WRITE permissions for the Translate Module can upload and execute code by sending a PHP file and a .htaccess file. NOTE: this is disputed by the Supplier because this is intended behavior for the high-privileged...

6.3CVSS0.00036EPSS
Exploits3References6
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2024-0834

Malicious code in bioql PyPI...

8.8CVSS7.2AI score0.00209EPSS
Exploits0References5
SUSE Linux
SUSE Linuxadded 2025/02/14 7:24 a.m.2 views

Security update for grafana

This update for grafana fixes the following issues: grafana was updated from version 9.5.18 to 10.4.13 jscPED-11591,jscPED-11649: Security issues fixed: CVE-2024-45337: Prevent possible misuse of ServerConfig.PublicKeyCallback by upgrading golang.org/x/crypto bsc1234554 CVE-2023-3128: Fixed...

9.4CVSS8.3AI score0.32338EPSS
Exploits3References26
OSV
OSVadded 2024/03/07 6:15 p.m.4 views

CVE-2024-1442

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...

8.8CVSS8.5AI score0.00209EPSS
Exploits0References2
Prion
Prionadded 2024/03/07 6:15 p.m.23 views

Information disclosure

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to . Doing this will grant the user access to read, query, edit and delete all data sources within the organization...

5.8CVSS7AI score0.00209EPSS
Exploits0References1
Github Security Blog
Github Security Blogadded 2022/05/24 5:33 p.m.15 views

Magento incorrect user permissions vulnerability within the Inventory component

Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect user permissions vulnerability within the Inventory component. This vulnerability could be abused by authenticated users with Inventory and Source permissions to make unauthorized changes to inventory source data via the...

4CVSS5.7AI score0.00191EPSS
Exploits0References3Affected Software2
RedhatCVE
RedhatCVEadded 2021/03/18 6:30 p.m.31 views

CVE-2021-27962

A flaw was found in Grafana Enterprise. Users with the Editor role are allowed to bypass data source permissions for the organization's default data source. The highest threat from this vulnerability is to data confidentiality. Mitigation If you are using the Enterprise version of Grafana, you ca...

7.1CVSS2.4AI score0.00366EPSS
Exploits0References4
CNNVD
CNNVDadded 2021/03/18 12:0 a.m.2 views

Grafana Labs Grafana Enterprise 安全漏洞

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A security vulnerability exists in Grafana Enterprise that stems from a user with the...

7.1CVSS7.1AI score0.00366EPSS
Exploits0References9
Positive Technologies
Positive Technologiesadded 2020/10/15 12:0 a.m.1 views

PT-2020-4579 · Adobe · Magento

Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.0 and 2.3.5p1 and earlier Description: The issue is related to incorrect user permissions within the Inventory component, allowing authenticated users with Inventory and Source permissions to make unauthorized changes to...

9.4CVSS3.1AI score0.00191EPSS
Exploits0References9
Rows per page
Query Builder