grafana security, bug fix, and enhancement update
[7.5.15-3]
- resolve CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions
- resolve CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header
- resolve CVE ...
November 22, 2022
CVE-2022-3589
An API Endpoint used by Miele's "AppWash" MobileApp in all versions was vulnerable to an authorization bypass. A low privileged, remote attacker would have been able to gain read and partial write acc ...
November 21, 2022
Concrete CMS vulnerable to Cross-site Request Forgery
Concrete CMS is vulnerable to CSRF due to the lack of "State" parameter for external Concrete authentication service for users of Concrete who use the "out of the box" core OAuth.
November 17, 2022
Security Bulletin: Rational Asset Analyzer is vulnerable to denial of service due to GraphQL Java (CVE-2022-37734)
## Summary
There is a vulnerability in IBM WebSphere Application Server Liberty used by Rational Asset Analyzer. This vulnerability is located in the GraphQL Java library used by IBM WebSphere Applica ...
November 17, 2022
Gitea Git Fetch Remote Code Execution Exploit
This Metasploit module exploits the Git fetch command in the Gitea repository migration process to allow for remote command execution on the system. This vulnerability affects Gitea versions prior to 1 ...
November 17, 2022
AlmaLinux 9 : php (ALSA-2022:5904)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:5904 advisory.
Note that Nessus has not tested for this issue but has instead rel ...
November 17, 2022
(RHSA-2022:7519) Moderate: grafana security, bug fix, and enhancement update
Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB.
The following packages have been upgraded to a later upstream version: grafana (7.5.1 ...
November 16, 2022
VMware NSX Manager XStream Unauthenticated Remote Code Execution Exploit
VMware Cloud Foundation (NSX-V) contains a remote code execution vulnerability via XStream open source library. VMware has evaluated the severity of this issue to be in the Critical severity range wit ...
November 16, 2022