Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ceph storage vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-39229
Grafana is an open source data visualization platform for metrics, logs, and traces. Versions before 9.1.8 and 8.5.14 allow one user to block another user's login attempt by registering someone else'e email address as a username. A Grafana user’s username and emai...
Grafana Grafana
NA
CVE-2022-31123
Grafana is an open source observability and data visualization platform. Versions before 9.1.8 and 8.5.14 are vulnerable to a bypass in the plugin signature verification. An attacker can convince a server admin to download and successfully run a malicious plugin even though unsig...
Grafana Grafana
Netapp E-series Performance Analyzer -
NA
CVE-2022-35957
Grafana is an open-source platform for monitoring and observability. Versions before 9.1.6 and 8.5.13 are vulnerable to an escalation from admin to server admin when auth proxy is used, allowing an admin to take over the server admin account and gain full control of the grafana i...
Grafana Grafana
Fedoraproject Fedora 37
NA
CVE-2022-32190
JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath("https://go.dev", "../go") returns the URL "https://go.dev/../go", despite the JoinPath documentation stating that ../ path elements are remo...
Golang Go 1.19.0
2 Github repositories
NA
CVE-2022-27664
In net/http in Go prior to 1.18.6 and 1.19.x prior to 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error.
Golang Go 1.19.0
Golang Go
Fedoraproject Fedora 36
Fedoraproject Fedora 37
1 Github repository
NA
CVE-2021-3979
A key length flaw was found in Red Hat Ceph Storage. An attacker can exploit the fact that the key length is incorrectly passed in an encryption algorithm to create a non random key, which is weaker and can be exploited for loss of confidentiality and integrity on encrypted disks...
Redhat Ceph Storage 3.0
Redhat Openstack Platform 13.0
Redhat Openshift Container Storage 4.0
Redhat Openshift Data Foundation 4.0
Redhat Ceph Storage For Ibm Z Systems 4.0
Redhat Ceph Storage 4.3
Redhat Ceph Storage 5.1
Redhat Ceph Storage 4.0
Redhat Ceph Storage 5.0
Redhat Ceph Storage For Power 4.0
Fedoraproject Fedora 35
Fedoraproject Fedora 37
NA
CVE-2022-1705
Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request smuggling if combined with an intermediate server that also improperly fails to reject the header as invalid.
Golang Go
NA
CVE-2022-32148
Improper exposure of client IP addresses in net/http before Go 1.17.12 and Go 1.18.4 can be triggered by calling httputil.ReverseProxy.ServeHTTP with a Request.Header map containing a nil value for the X-Forwarded-For header, which causes ReverseProxy to set the client IP as the ...
Golang Go
NA
CVE-2022-32189
A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go prior to 1.17.13 and 1.18.5, potentially allowing a denial of service.
Golang Go
NA
CVE-2022-28131
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an malicious user to cause a panic due to stack exhaustion via a deeply nested XML document.
Golang Go
Fedoraproject Fedora 35
Netapp Cloud Insights Telegraf -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »