Количество 394
Количество 394
CVE-2020-24303
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
CVE-2020-24303
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
CVE-2020-24303
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the Elast ...
CVE-2020-13430
Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.
CVE-2020-13430
Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.
CVE-2020-13430
Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.
CVE-2020-13430
Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.
CVE-2020-12459
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
CVE-2020-12459
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
CVE-2020-12245
Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.
CVE-2020-12245
Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.
CVE-2020-12245
Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip.
CVE-2020-12245
Grafana before 6.7.3 allows table-panel XSS via column.title or cellLi ...
CVE-2020-12052
Grafana version < 6.7.3 is vulnerable for annotation popup XSS.
CVE-2020-12052
Grafana version < 6.7.3 is vulnerable for annotation popup XSS.
CVE-2020-12052
Grafana version < 6.7.3 is vulnerable for annotation popup XSS.
CVE-2020-12052
Grafana version < 6.7.3 is vulnerable for annotation popup XSS.
CVE-2019-19499
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.
CVE-2019-19499
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.
CVE-2019-19499
Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2020-24303 Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource. | CVSS3: 6.1 | 0% Низкий | больше 5 лет назад |
 | CVE-2020-24303 Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource. | CVSS3: 6.1 | 0% Низкий | около 5 лет назад |
| CVE-2020-24303 Grafana before 7.1.0-beta 1 allows XSS via a query alias for the Elast ... | CVSS3: 6.1 | 0% Низкий | около 5 лет назад |
 | CVE-2020-13430 Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource. | CVSS3: 6.1 | 0% Низкий | больше 5 лет назад |
| CVE-2020-13430 Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource. | CVSS3: 6.1 | 0% Низкий | больше 5 лет назад |
| CVE-2020-13430 Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource. | CVSS3: 6.1 | 0% Низкий | больше 5 лет назад |
| CVE-2020-13430 Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource. | CVSS3: 6.1 | 0% Низкий | больше 5 лет назад |
| CVE-2020-12459 In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable. | CVSS3: 6.2 | 0% Низкий | больше 5 лет назад |
| CVE-2020-12459 In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable. | CVSS3: 5.5 | 0% Низкий | больше 5 лет назад |
| CVE-2020-12245 Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip. | CVSS3: 6.1 | 3% Низкий | больше 5 лет назад |
| CVE-2020-12245 Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip. | CVSS3: 6.1 | 3% Низкий | больше 5 лет назад |
| CVE-2020-12245 Grafana before 6.7.3 allows table-panel XSS via column.title or cellLinkTooltip. | CVSS3: 6.1 | 3% Низкий | больше 5 лет назад |
| CVE-2020-12245 Grafana before 6.7.3 allows table-panel XSS via column.title or cellLi ... | CVSS3: 6.1 | 3% Низкий | больше 5 лет назад |
| CVE-2020-12052 Grafana version < 6.7.3 is vulnerable for annotation popup XSS. | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
| CVE-2020-12052 Grafana version < 6.7.3 is vulnerable for annotation popup XSS. | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
| CVE-2020-12052 Grafana version < 6.7.3 is vulnerable for annotation popup XSS. | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
| CVE-2020-12052 Grafana version < 6.7.3 is vulnerable for annotation popup XSS. | CVSS3: 6.1 | 1% Низкий | больше 5 лет назад |
| CVE-2019-19499 Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations. | CVSS3: 6.5 | 37% Средний | больше 5 лет назад |
| CVE-2019-19499 Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations. | CVSS3: 6.5 | 37% Средний | больше 5 лет назад |
| CVE-2019-19499 Grafana <= 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations. | CVSS3: 6.5 | 37% Средний | больше 5 лет назад |
Уязвимостей на страницу