Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ceph vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-31097
Grafana is an open-source platform for monitoring and observability. Versions on the 8.x and 9.x branch before 9.0.3, 8.5.9, 8.4.10, and 8.3.10 are vulnerable to stored cross-site scripting via the Unified Alerting feature of Grafana. An attacker can exploit this vulnerability to...
Grafana Grafana
Netapp E-series Performance Analyzer -
NA
CVE-2023-1410
Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized. An attacker nee...
Grafana Grafana
2.1
CVSSv2
CVE-2020-8566
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects < v1.19.3, < v...
Kubernetes Kubernetes
NA
CVE-2023-1387
Grafana is an open-source platform for monitoring and observability. Starting with the 9.1 branch, Grafana introduced the ability to search for a JWT in the URL query parameter auth_token and use it as the authentication token. By enabling the "url_login" configuration ...
Grafana Grafana
3.5
CVSSv2
CVE-2021-4231
A vulnerability was found in Angular up to 11.0.4/11.1.0-next.2. It has been classified as problematic. Affected is the handling of comments. The manipulation leads to cross site scripting. It is possible to launch the attack remotely but it might require an authentication first....
Angular Angular 11.1.0
Angular Angular
7.1
CVSSv2
CVE-2014-6418
net/ceph/auth_x.c in Ceph, as used in the Linux kernel prior to 3.16.3, does not properly validate auth replies, which allows remote malicious users to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Cep...
Linux Linux Kernel
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 12.04
NA
CVE-2021-47000
In the Linux kernel, the following vulnerability has been resolved: ceph: fix inode leak on getattr error in __fh_to_dentry
NA
CVE-2023-0836
An information leak vulnerability exists in HAProxy 2.1, 2.2 prior to 2.2.27, 2.3, 2.4 prior to 2.4.21, 2.5 prior to 2.5.11, 2.6 prior to 2.6.8, 2.7 prior to 2.7.1. There are 5 bytes left uninitialized in the connection buffer when encoding the FCGI_BEGIN_REQUEST record. Sensitiv...
Haproxy Haproxy 2.7.0
Haproxy Haproxy
Haproxy Haproxy 2.3.0
Haproxy Haproxy 2.1.0
NA
CVE-2023-44466
An issue exists in net/ceph/messenger_v2.c in the Linux kernel prior to 6.4.5. There is an integer signedness error, leading to a buffer overflow and remote code execution via HELLO or one of the AUTH frames. This occurs because of an untrusted length taken from a TCP packet in c...
Linux Linux Kernel
NA
CVE-2022-3931
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »