Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hitachi ops center analyzer vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-31107
Grafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take ove...
Grafana Grafana
Netapp E-series Performance Analyzer -
5.3
CVSSv3
CVE-2022-24329
In JetBrains Kotlin prior to 1.6.0, it was not possible to lock dependencies for Multiplatform Gradle Projects.
Jetbrains Kotlin
Oracle Communications Pricing Design Center 12.0.0.4
Oracle Communications Pricing Design Center 12.0.0.5
Oracle Communications Cloud Native Core Binding Support Function 22.1.3
5.4
CVSSv3
CVE-2020-11110
Grafana up to and including 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an malicious user to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot.
Grafana Grafana
Netapp E-series Performance Analyzer -
5.4
CVSSv3
CVE-2022-21702
Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-site Scripting (X...
Grafana Grafana
Grafana Grafana 2.0.0
Netapp E-series Performance Analyzer
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
8.8
CVSSv3
CVE-2022-21703
Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows malicious users to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana ...
Grafana Grafana
Grafana Grafana 3.0.0
Netapp E-series Performance Analyzer
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
4.3
CVSSv3
CVE-2022-21713
Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated malicious user to view unintended data by querying for the...
Grafana Grafana
Grafana Grafana 5.0.0
Netapp E-series Performance Analyzer
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
8.5
CVSSv3
CVE-2022-29170
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with ...
Grafana Grafana
3.8
CVSSv3
CVE-2022-36062
Grafana is an open-source platform for monitoring and observability. In versions before 8.5.13, 9.0.9, and 9.1.6, Grafana is subject to Improper Preservation of Permissions resulting in privilege escalation on some folders where Admin is the only used permission. The vulnerabilit...
Grafana Grafana
5.4
CVSSv3
CVE-2023-0594
Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. The stored XSS vulnerability was possible due the value of a span's attributes/resources were not proper...
Grafana Grafana
8.8
CVSSv3
CVE-2022-23498
Grafana is an open-source platform for monitoring and observability. When datasource query caching is enabled, Grafana caches all headers, including `grafana_session`. As a result, any user that queries a datasource where the caching is enabled can acquire another user’s se...
Grafana Grafana
Grafana Grafana 8.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »