CVE-2026-22640
CVE-2026-22640 describes an access control vulnerability in Grafana OSS where an Organization administrator can permanently delete the Server administrator account via the DELETE /api/org/users/ endpoint. The attack requires an existing Organization administrator and either a Server administrator...
CVE-2025-3580
An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server administrator account. This vulnerability exists in the DELETE /api/org/users/ endpoint. The vulnerability can be exploited when: 1. An Organization administrator...
Enforcement vs. Enrollment-based Security: How to Balance Security and Employee Trust
Challenges with an enforcement-based approach An enforcement-based approach to security begins with a security policy backed by security controls, often heavy-handed and designed to prevent employees from engaging in risky behavior or inadvertently expanding the potential attack surface of an...
Product update: Virtuozzo PowerPanel Update 1 (7.0.4-30)
The update for Virtuozzo PowerPanel introduces new features as well as stability and usability fixes. Vulnerability id: PP-578 The 'vzapi' command to reset the backup limit to 0 could fail. Vulnerability id: PP-580 A wrong config parameter was documented for instance default backup limit...
Microsoft Windows files and folders management problems
During file operations, conditions exist for an attacker to gain access to the content of protected or locked files. It's also possible to create unmanageable file...