Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
grafana grafana vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-12245
Grafana prior to 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.
Grafana Grafana
8.5
CVSSv3
CVE-2022-29170
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with ...
Grafana Grafana
6.5
CVSSv3
CVE-2019-19499
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.
Grafana Grafana
5.4
CVSSv3
CVE-2023-22462
Grafana is an open-source platform for monitoring and observability. On 2023-01-01 during an internal audit of Grafana, a member of the security team found a stored XSS vulnerability affecting the core plugin "Text". The stored XSS vulnerability requires several user in...
Grafana Grafana
4.8
CVSSv3
CVE-2023-1410
Grafana is an open-source platform for monitoring and observability. Grafana had a stored XSS vulnerability in the Graphite FunctionDescription tooltip. The stored XSS vulnerability was possible due the value of the Function Description was not properly sanitized. An attacker nee...
Grafana Grafana
5.4
CVSSv3
CVE-2019-13068
public/app/features/panel/panel_ctrl.ts in Grafana prior to 6.2.5 allows HTML Injection in panel drilldown links (via the Title or url field).
Grafana Grafana
6.1
CVSSv3
CVE-2020-13430
Grafana prior to 7.0.0 allows tag value XSS via the OpenTSDB datasource.
Grafana Grafana
8.1
CVSSv3
CVE-2022-39328
Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow an unauthenticated user to query an administration endpoint under heavy load. Thi...
Grafana Grafana
6.4
CVSSv3
CVE-2023-2183
Grafana is an open-source platform for monitoring and observability. The option to send a test alert is not available from the user panel UI for users having the Viewer role. It is still possible for a user with the Viewer role to send a test alert using the API as the API does n...
Grafana Grafana
7.1
CVSSv3
CVE-2021-27962
Grafana Enterprise 7.2.x and 7.3.x prior to 7.3.10 and 7.4.x prior to 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access.
Grafana Grafana
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-22120
CVE-2024-35921
CVE-2024-35874
brute force
CVE-2024-36080
unprivileged
CVE-2024-35917
IDOR
CVE-2024-4947
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »