Filter
Software
go/github.com/grafana/grafanaGrafana SQL Expressions allow for remote code execution
10
EPSS
0.05%
First published (updated )
redhat/grafanaA signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypas…
10
First published (updated )
redhat/grafanaGrafana Authentication Bypass Vulnerability
First published (updated )
Grafana GrafanaGrafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an …
9.8
First published (updated )
Grafana GrafanaGrafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email f…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Redhat Ceph StorageAn issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password c…
9.8
First published (updated )
Grafana GrafanaThe querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require a…
9.8
First published (updated )
Grafana GrafanaGrafana vulnerable to race condition allowing privilege escalation
9.8
First published (updated )
Grafana GrafanaCross organization admin control in Grafana
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana GrafanaFGAC API Key privilege escalation in Grafana
8.8
First published (updated )
Grafana Enterprise MetricsAccess policy with access to all tenants and using label selectors has more access
8.8
First published (updated )
Grafana GrafanaWhen query caching is enabled in Grafana users can query another users session
8.8
First published (updated )
Grafana GrafanaStored XSS in Grafana's Unified Alerting
8.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana GrafanaGrafana Enterprise datasource network restrictions bypass via HTTP redirects
8.5
First published (updated )
Grafana Grafana-image-rendererGrafana Image Renderer leaking files
8.3
First published (updated )
Grafana GrafanaGrafana contains Improper Input Validation
8.1
First published (updated )
Grafana AlloyGrafana Alloy on Windows Unquoted service path
7.8
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana AgentGrafana Agent Flow on Windows Unquoted service path
7.8
EPSS
0.04%
First published (updated )
Grafana GrafanaGrafana plugin signature bypass vulnerability
7.8
First published (updated )
Grafana GrafanaGrafana folders admin only permission privilege escalation
7.6
First published (updated )
redhat/grafanaThe snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to…
7.5
First published (updated )
redhat/grafanaGrafana account takeover via OAuth vulnerability
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana Google SheetsGrafana is an open-source platform for monitoring and observability. The Google Sheets data source …
7.5
First published (updated )
Grafana GrafanaOne of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.…
7.5
First published (updated )
Grafana GrafanaIn Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.