Filter
Software
go/github.com/grafana/grafanaGrafana SQL Expressions allow for remote code execution
10
EPSS
18.48%
First published (updated )
redhat/grafanaA signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypas…
10
First published (updated )
redhat/grafanaSnapshot authentication bypass in grafana
First published (updated )
Grafana Labs Grafana OSS and EnterpriseGrafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an …
9.8
First published (updated )
Grafana Labs Grafana OSS and EnterpriseGrafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email f…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat Ceph storageAn issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password c…
9.8
First published (updated )
Grafana Labs Grafana OSS and EnterpriseThe querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require a…
9.8
First published (updated )
go/github.com/grafana/grafanaGrafana vulnerable to race condition allowing privilege escalation
9.8
First published (updated )
go/github.com/grafana/grafanaCross organization admin control in Grafana
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana Labs Grafana OSS and EnterpriseCross Site Request Forgery in Grafana
8.8
First published (updated )
Grafana Labs Grafana OSS and EnterpriseFGAC API Key privilege escalation in Grafana
8.8
First published (updated )
Grafana Enterprise MetricsAccess policy with access to all tenants and using label selectors has more access
8.8
First published (updated )
Grafana Labs Grafana OSS and EnterpriseWhen query caching is enabled in Grafana users can query another users session
8.8
First published (updated )
redhat/GrafanaStored XSS in Grafana's Unified Alerting
8.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana Labs Grafana OSS and EnterpriseGrafana Enterprise datasource network restrictions bypass via HTTP redirects
8.5
First published (updated )
Grafana Grafana-image-rendererGrafana Image Renderer leaking files
8.3
First published (updated )
go/github.com/grafana/grafanaGrafana contains Improper Input Validation
8.1
First published (updated )
Grafana AlloyGrafana Alloy on Windows Unquoted service path
7.8
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana AgentGrafana Agent Flow on Windows Unquoted service path
7.8
EPSS
0.04%
First published (updated )
go/github.com/grafana/grafanaGrafana plugin signature bypass vulnerability
7.8
First published (updated )
go/github.com/grafana/grafanaGrafana folders admin only permission privilege escalation
7.6
First published (updated )
redhat/grafanaThe snapshot feature in Grafana 6.7.3 through 7.4.1 can allow an unauthenticated remote attackers to…
7.5
First published (updated )
redhat/grafanaGrafana account takeover via OAuth vulnerability
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Grafana Google SheetsGrafana is an open-source platform for monitoring and observability. The Google Sheets data source …
7.5
First published (updated )
Grafana Labs Grafana OSS and EnterpriseOne of the usage insights HTTP API endpoints in Grafana Enterprise 6.x before 6.7.6, 7.x before 7.3.…
7.5
First published (updated )
Grafana Labs Grafana OSS and EnterpriseGrafana path traversal
7.5
First published (updated )
Grafana Labs Grafana OSS and EnterpriseIn Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow unauthenticated use. This makes…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.