Grafana Exposure
Analytics
Exposure score: 64
Sites using it: 141
Under active exploitation: 2
Critical: 6
CVEs
57 results

CVE | Severity | EPSS | Description
CVE-2022-39307 | MEDIUM | 0.7% | Grafana subject to Exposure of Sensitive Information resulting in User enumeration via forget password
CVE-2024-1313 | MEDIUM | 0.6% | Users outside an organization can delete a snapshot with its key
CVE-2022-36062 | HIGH | 0.6% | Grafana folders admin only permission privilege escalation
CVE-2024-8118 | MEDIUM | 0.6% | Grafana alerting wrong permission on datasource rule write endpoint
CVE-2026-27880 | HIGH | 0.6% | OpenFeature evaluation API reads input data with no bounds
CVE-2024-10452 | LOW | 0.5% | Organization admins can delete pending invites created in an organization they are not part of.
CVE-2025-3260 | HIGH | 0.5% | A security vulnerability in the /apis/dashboard.grafana.app/* endpoints allows authenticated users to bypass dashboard and folder permission
CVE-2025-3454 | MEDIUM | 0.4% | This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the UR
CVE-2025-1088 | LOW | 0.4% | Very long unicode dashboard title or panel name can hang the frontend
CVE-2025-3580 | MEDIUM | 0.4% | An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server admini
CVE-2026-28375 | MEDIUM | 0.4% | Grafana Testdata datasource can issue unbounded memory allocations
CVE-2026-27879 | MEDIUM | 0.4% | Query resampling can cause unbounded memory allocations
CVE-2024-11741 | MEDIUM | 0.4% | Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected
CVE-2024-6322 | MEDIUM | 0.3% | Access control for plugin data sources protected by the ReqActions json field of the plugin.json is bypassed if the user or service account
CVE-2022-31123 | MEDIUM | 0.2% | Grafana plugin signature bypass vulnerability
CVE-2026-27877 | MEDIUM | 0.2% | Public dashboards discloses all direct mode datasources
CVE-2026-21725 | LOW | 0.2% | Authorization Bypass via TOCTOU in Grafana Datasource Deletion by Name