Vulnerabilities > Grafana > High

DATE CVE VULNERABILITY TITLE RISK
2024-09-25 CVE-2024-8975 Unquoted Search Path or Element vulnerability in Grafana Alloy 1.4.0
Unquoted Search Path or Element vulnerability in Grafana Alloy on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Alloy: before 1.3.3, from 1.4.0-rc.0 through 1.4.0-rc.1.
local
low complexity
grafana CWE-428
7.8
2024-09-25 CVE-2024-8996 Unquoted Search Path or Element vulnerability in Grafana Agent
Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2
local
low complexity
grafana CWE-428
7.8
2023-10-17 CVE-2023-4399 Unspecified vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana
7.2
2023-10-16 CVE-2023-4457 Information Exposure Through an Error Message vulnerability in Grafana Google Sheets
Grafana is an open-source platform for monitoring and observability. The Google Sheets data source plugin for Grafana, versions 0.9.0 to 1.2.2 are vulnerable to an information disclosure vulnerability. The plugin did not properly sanitize error messages, making it potentially expose the Google Sheet API-key that is configured for the data source. This vulnerability was fixed in version 1.2.2.
network
low complexity
grafana CWE-209
7.5
2023-10-16 CVE-2023-4822 Unspecified vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana
7.2
2023-04-26 CVE-2023-1387 Unspecified vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana
7.5
2023-02-03 CVE-2022-23498 Unspecified vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana
8.8
2022-11-09 CVE-2022-39306 Improper Input Validation vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
low complexity
grafana CWE-20
8.1
2022-11-08 CVE-2022-39328 Race Condition vulnerability in Grafana
Grafana is an open-source platform for monitoring and observability.
network
high complexity
grafana CWE-362
8.1
2022-10-13 CVE-2022-31130 Insufficiently Protected Credentials vulnerability in Grafana
Grafana is an open source observability and data visualization platform.
network
low complexity
grafana CWE-522
7.5