Grafana is vulnerable to privilege escalation. An attacker can take over another user's account in the Grafana instance by supplying a login name through the specified `OAuth IdP` when the attacker's e ...
July 21, 2022
The version of MySQL Enterprise Monitor installed on the remote host is affected by a denial of service as referenced in the July 2022 CPU advisory, via the initiation of the Authorization Request in ...
July 20, 2022
### Impact
Potential/accidental leaking of Slack OAuth client information in application debug logs.
### Patches
More strict and secure debug formatting was introduced in v0.41 for OAuth secret types ...
July 19, 2022
This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will b ...
July 17, 2022
Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Gra ...
July 15, 2022
No description is available for this CVE.
#### Mitigation
As a workaround it is possible to disable any OAuth login or ensure that all users authorized to log in via OAuth have a corresponding user ac ...
July 15, 2022
A credentials leak was found in the OpenShift Container Platform. The private key for the external cluster certificate was incorrectly stored in the oauth-serving-cert ConfigMaps, and accessible to an ...
July 14, 2022