MiracleLinux 8 : grafana-9.2.10-29.el8_10 (AXSA:2026-458:09)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-458:09 advisory. net/url: Incorrect parsing of IPv6 host literals in net/url CVE-2026-25679 Tenable has extracted the preceding description block directly from the MiracleLinu...

EUVD-2023-0471

Malicious code in bioql PyPI...

EUVD-2023-0379

Malicious code in bioql PyPI...

EUVD-2023-0543

Malicious code in bioql PyPI...

CVE-2023-0569

Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10...

CVE-2022-2815

Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10...

grafana security update

9.2.10-18 - Resolves RHEL-47191...

grafana security update

9.2.10-17 - Resolves RHEL-57925: CVE-2024-34156...

BIT-GRAFANA-2022-23498 When query caching is enabled in Grafana users can query another users session

Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including grafanasession. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the...

CVE-2023-22462

Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user interactions in order to be...

UBUNTU-CVE-2022-23498

Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including grafanasession. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the...

CVE-2022-23498 When query caching is enabled in Grafana users can query another users session

Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including grafanasession. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s session. To mitigate the...

Grafana 8.3.0 < 9.2.10, 9.3.0 < 9.3.4 Information Disclosure Vulnerability (GHSA-2j8f-6whh-frc8)

Grafana is prone to an information disclosure vulnerability. Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

Publify 安全漏洞

Publify is a simple but full-featured web publishing software. A security vulnerability exists in Publify versions prior to 9.2.10, which stems from allowing users to log in with weak passwords...

CVE-2023-0569 Weak Password Requirements in publify/publify

Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10...

CVE-2023-0569 Weak Password Requirements in publify/publify

Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10...

Integer Overflow or Wraparound

Overview publifycore is a Core engine for the Publify blogging system, formerly known as Typo. Affected versions of this package are vulnerable to Integer Overflow or Wraparound in app/models/user.rb, which allows attackers to cause denial of service by supplying an excessively long name value fo...

Information Exposure

Overview publifycore is a Core engine for the Publify blogging system, formerly known as Typo. Affected versions of this package are vulnerable to Information Exposure in resourceuploader.rb, which exposes EXIF image metadata to all users when a file is uploaded. Remediation Upgrade publifycore t...

CVE-2022-1812

Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10...

Integer overflow

Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10...