High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-25	CVE-2024-8975	Unquoted Search Path or Element vulnerability in Grafana Alloy 1.4.0 Unquoted Search Path or Element vulnerability in Grafana Alloy on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Alloy: before 1.3.3, from 1.4.0-rc.0 through 1.4.0-rc.1. local low complexity grafana CWE-428	7.8
2024-09-25	CVE-2024-8996	Unquoted Search Path or Element vulnerability in Grafana Agent Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2 local low complexity grafana CWE-428	7.8
2023-10-17	CVE-2023-4399	Unspecified vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. network low complexity grafana	7.2
2023-10-16	CVE-2023-4457	Information Exposure Through an Error Message vulnerability in Grafana Google Sheets Grafana is an open-source platform for monitoring and observability. The Google Sheets data source plugin for Grafana, versions 0.9.0 to 1.2.2 are vulnerable to an information disclosure vulnerability. The plugin did not properly sanitize error messages, making it potentially expose the Google Sheet API-key that is configured for the data source. This vulnerability was fixed in version 1.2.2. network low complexity grafana CWE-209	7.5
2023-10-16	CVE-2023-4822	Unspecified vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. network low complexity grafana	7.2
2023-04-26	CVE-2023-1387	Unspecified vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. network low complexity grafana	7.5
2023-02-03	CVE-2022-23498	Unspecified vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. network low complexity grafana	8.8
2022-11-09	CVE-2022-39306	Improper Input Validation vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. network low complexity grafana CWE-20	8.1
2022-11-08	CVE-2022-39328	Race Condition vulnerability in Grafana Grafana is an open-source platform for monitoring and observability. network high complexity grafana CWE-362	8.1
2022-10-13	CVE-2022-31130	Insufficiently Protected Credentials vulnerability in Grafana Grafana is an open source observability and data visualization platform. network low complexity grafana CWE-522	7.5