Filter
Versions
8.0.0
15
9.0.0
13
9.3.0
8
9.2.0
6
5.0.0
5
7.0.0
5
7.4.0
5
9.4.0
5
9.5.0
5
6.0.0
4
8.1.0
4
10.0.0
3
10.1.0
3
5.3.1
3
9.1.0
3
2.0.0
2
3.0.1
2
5.0.0-beta1
2
5.0.0-beta2
2
5.0.0-beta3
2
5.0.0-beta4
2
5.0.0-beta5
2
5.3.0
2
6.7.3
2
7.2.0
2
8.4.0
2
8.4.3
2
8.5.0
2
1.1.0
1
1.3.0
1
10.2.0
1
10.3.0
1
10.4.0
1
11.0.0
1
2.0.0-beta1
1
2.0.0-beta3
1
2.0.1
1
2.1.2
1
2.5.0
1
3.0.0
1
3.0.0-beta1
1
3.0.0-beta2
1
3.0.0-beta3
1
3.0.0-beta4
1
3.0.0-beta5
1
3.0.0-beta6
1
3.0.0-beta7
1
3.1.1
1
4.0.0
1
5.0.1
1
5.1.3
1
5.2.4
1
5.4.0
1
6.3.6
1
6.4.3
1
6.7.0
1
6.7.1
1
7.0.1
1
7.0.5
1
7.3.0
1
7.3.4
1
7.4.1
1
8.0.0-beta1
1
8.0.0-beta2
1
8.0.0-beta3
1
8.0.1
1
8.2.0
1
8.3.0
1
8.3.0-beta1
1
8.3.0-beta2
1
8.3.1
1
go/github.com/grafana/grafanaGrafana SQL Expressions allow for remote code execution
10
EPSS
0.05%
First published (updated )
redhat/grafanaA signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypas…
10
First published (updated )
redhat/grafanaGrafana Authentication Bypass Vulnerability
First published (updated )
Grafana GrafanaGrafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an …
9.8
First published (updated )
Grafana GrafanaGrafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email f…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Ceph StorageAn issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password c…
9.8
First published (updated )
Grafana GrafanaThe querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require a…
9.8
First published (updated )
Grafana GrafanaGrafana vulnerable to race condition allowing privilege escalation
9.8
First published (updated )
Grafana GrafanaCross organization admin control in Grafana
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana GrafanaFGAC API Key privilege escalation in Grafana
8.8
First published (updated )
Grafana GrafanaWhen query caching is enabled in Grafana users can query another users session
8.8
First published (updated )
Grafana GrafanaStored XSS in Grafana's Unified Alerting
8.7
First published (updated )
Grafana GrafanaGrafana Enterprise datasource network restrictions bypass via HTTP redirects
8.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana GrafanaGrafana contains Improper Input Validation
8.1
First published (updated )
Grafana GrafanaGrafana plugin signature bypass vulnerability
7.8
First published (updated )
Grafana GrafanaGrafana folders admin only permission privilege escalation
7.6
First published (updated )
redhat/grafanaThe snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to…
7.5
First published (updated )
redhat/grafanaGrafana account takeover via OAuth vulnerability
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana GrafanaOne of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.…
7.5
First published (updated )
Grafana GrafanaIn Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes…
7.5
First published (updated )
Grafana GrafanaData source and plugin proxy endpoints could leak the authentication cookie to some destination plugins
7.5
First published (updated )
Grafana GrafanaGrafana data source and plugin proxy endpoints leaking authentication tokens to some destination plugins
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana GrafanaGrafana 8.4.3 allows unauthenticated access via (for example) a /dashboard/snapshot/*?orgId=0 URI. N…
7.5
First published (updated )
Grafana GrafanaGrafana stored XSS in FileUploader component
7.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.