8.5
CVE-2024-32010 -
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to extraction of database credentials via a world-readable credential file. This allows an attacker to connect to the database as privileged application user and to rβ¦
8.5
CVE-2024-32009 -
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to a local privilege escalation due to wrongly set permissions to a binary which allows any local attacker to gain administrative privileges.
8.5
CVE-2024-32008 -
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to a local privilege escalation due to an exposed debug interface on the localhost. This allows any local user to gain code execution as administrative application usβ¦
2.1
CVE-2025-41116 - Incorrect oauth passthrough in Grafana Databricks Datasource
When using the Grafana Databricks Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, itΒ could result inΒ the wrong user identifier being used, and information for which the viewer isβ¦
2.1
CVE-2025-3717 - Incorrect oauth passthrough in Grafana Snowflake Datasource
When using the Grafana Snowflake Datasource Plugin, if Oauth passthrough is enabled on the datasource, and multiple users are using the same datasource at the same time on a single Grafana instance, itΒ could result inΒ the wrong user identifier being used, and information for which the viewer is β¦
5.5
CVE-2025-61843 - Format Plugins | Out-of-bounds Read (CWE-125)
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim mβ¦
7.8
CVE-2025-61839 - Format Plugins | Out-of-bounds Read (CWE-125)
Format Plugins versions 1.1.1 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exβ¦
5.5
CVE-2025-61845 - Format Plugins | Out-of-bounds Read (CWE-125)
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim mβ¦
5.5
CVE-2025-61840 - Format Plugins | Out-of-bounds Read (CWE-125)
Format Plugins versions 1.1.1 and earlier are affected by an Out-of-bounds Read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to disclose sensitive information stored in memory. Exploitation of this issue requires user interaction in that a victim mβ¦
7.8
CVE-2025-61837 - Format Plugins | Heap-based Buffer Overflow (CWE-122)
Format Plugins versions 1.1.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.