Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
OpenObserve is a cloud-native observability platform. In versions up to and including 0.16.1, when creating or renaming an organization with HTML in the name, the markup is rendered inside the invitat
OpenObserve is a cloud-native observability platform. Prior to version 0.16.0, organization invitation tokens do not expire once issued, remain valid even after the invited user is removed from the or
OpenObserve is an open-source observability platform. Starting in version 0.4.4 and prior to version 0.10.0, OpenObserve contains a cross-site scripting vulnerability in line 32 of `openobserve/web/sr
The OpenObserve open-source observability platform provides the ability to filter logs in a dashboard by the values uploaded in a given log. However, all versions of the platform through 0.9.1 do not
OpenObserve is a cloud-native observability platform. In 0.70.3 and earlier, the validate_enrichment_url function in src/handler/http/request/enrichment_table/mod.rs fails to block IPv6 addresses beca
OpenObserve is a cloud-native observability platform. A vulnerability in the user management endpoint `/api/{org_id}/users/{email_id}` allows an "Admin" role user to remove a "Root" user from the orga
OpenSearch Observability is collection of plugins and applications that visualize data-driven events. An issue in the OpenSearch observability plugins allows unintended access to private tenant resour
Open edX Platform enables the authoring and delivery of online learning at any scale. The HTML sanitizer clean_thread_html_body() used for discussion notification emails fails to remove