Filter
Software
redhat/grafanaGrafana Authentication Bypass Vulnerability
First published (updated )
Grafana GrafanaGrafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email f…
9.8
First published (updated )
CVE-2023-4399Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, Reques…
7.2
First published (updated )
Grafana GrafanaGrafana is an open-source platform for monitoring and observability. The vulnerability impacts insta…
7.2
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana Google SheetsGrafana is an open-source platform for monitoring and observability. The Google Sheets data source …
7.5
First published (updated )
Grafana Synthetic Monitoring AgentGrafana's default installation of `synthetic-monitoring-agent` exposes sensitive information
7.2
First published (updated )
Grafana Enterprise MetricsAccess policy with access to all tenants and using label selectors has more access
8.8
First published (updated )
Grafana GrafanaGrafana directory traversal for `.cvs` files
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana GrafanaCross organization admin control in Grafana
9.1
First published (updated )
Grafana GrafanaXSS vulnerability allowing arbitrary JavaScript execution
6.9
First published (updated )
go/github.com/grafana/grafanaOrganization admins can delete pending invites created in an organization they are not part of.
2.7
First published (updated )
go/github.com/grafana/grafanaGrafana SQL Expressions allow for remote code execution
10
EPSS
0.05%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
go/github.com/grafana/grafanaA user changing their email after signing up and verifying it can change it without verification in …
5.4
First published (updated )
Grafana AgentGrafana Agent Flow on Windows Unquoted service path
7.8
EPSS
0.04%
First published (updated )
Grafana AlloyGrafana Alloy on Windows Unquoted service path
7.8
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/grafanaInfoleak, SQL Injection, Path Traversal
6.5
First published (updated )
Grafana GrafanaGrafana data source and plugin proxy endpoints leaking authentication tokens to some destination plugins
7.5
First published (updated )
Grafana GrafanaStored XSS in Grafana's Unified Alerting
8.7
First published (updated )
Grafana GrafanaGrafana vulnerable to race condition allowing privilege escalation
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/grafanaAuthentication Bypass in Grafana via auth proxy allowing escalation from admin to server admin
6.6
First published (updated )
redhat/grafanaGrafana users with email as a username can block other users from signing in
4.3
First published (updated )
Grafana GrafanaData source and plugin proxy endpoints could leak the authentication cookie to some destination plugins
7.5
First published (updated )
Grafana GrafanaGrafana plugin signature bypass vulnerability
7.8
First published (updated )
redhat/grafanaGrafana vulnerable to spoofing originalUrl of snapshots
6.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.