Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
grafana vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2022-29171
Sourcegraph is a fast and featureful code search and navigation engine. Versions prior to 3.38.0 are vulnerable to Remote Code Execution in the gitserver service. The Gitolite code host integration with Phabricator allows Sourcegraph site admins to specify a `callsignCommand`, wh...
Sourcegraph Sourcegraph
6
CVSSv2
CVE-2022-24812
Grafana is an open-source platform for monitoring and observability. When fine-grained access control is enabled and a client uses Grafana API Key to make requests, the permissions for that API Key are cached for 30 seconds for the given organization. Because of the way the cache...
Grafana Grafana
7.5
CVSSv2
CVE-2022-26148
An issue exists in Grafana up to and including 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search...
Grafana Grafana
Redhat Ceph Storage 3.0
Redhat Storage 3.0
Redhat Ceph Storage 4.0
Redhat Ceph Storage 5.0
4.3
CVSSv2
CVE-2021-23648
The package @braintree/sanitize-url prior to 6.0.0 are vulnerable to Cross-site Scripting (XSS) due to improper sanitization in sanitizeUrl function.
Paypal Braintree\\/sanitize-url
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
5
CVSSv2
CVE-2022-21698
client_golang is the instrumentation library for Go applications in Prometheus, and the promhttp package in client_golang provides tooling around HTTP servers and clients. In client_golang prior to version 1.11.1, HTTP server is susceptible to a Denial of Service through unbounde...
Prometheus Client Golang
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Extra Packages For Enterprise Linux 8.0
Fedoraproject Extra Packages For Enterprise Linux 7.0
Rdo Project Rdo -
Fedoraproject Fedora 37
6.8
CVSSv2
CVE-2022-21703
Grafana is an open-source platform for monitoring and observability. Affected versions are subject to a cross site request forgery vulnerability which allows malicious users to elevate their privileges by mounting cross-origin attacks against authenticated high-privilege Grafana ...
Grafana Grafana
Grafana Grafana 3.0.0
Netapp E-series Performance Analyzer
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
3.5
CVSSv2
CVE-2022-21713
Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated malicious user to view unintended data by querying for the...
Grafana Grafana
Grafana Grafana 5.0.0
Netapp E-series Performance Analyzer
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
2.1
CVSSv2
CVE-2022-21702
Grafana is an open-source platform for monitoring and observability. In affected versions an attacker could serve HTML content thru the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-site Scripting (X...
Grafana Grafana
Grafana Grafana 2.0.0
Netapp E-series Performance Analyzer
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
7.5
CVSSv2
CVE-2022-23126
TeslaMate prior to 1.25.1 (when using the default Docker configuration) allows malicious users to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a toke...
Teslamate Project Teslamate
3.5
CVSSv2
CVE-2022-21673
Grafana is an open-source platform for monitoring and observability. In affected versions when a data source has the Forward OAuth Identity feature enabled, sending a query to that datasource with an API token (and no other user credentials) will forward the OAuth Identity of the...
Grafana Grafana
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Fedoraproject Fedora 36
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7028
memory leak
log injection
CVE-2024-3400
CVE-2022-48695
CVE-2022-48675
CVE-2024-34487
CVE-2024-33792
spoof
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »