Lucene search
K

27 matches found

Chainguard
Chainguard
added 2026/04/25 7:17 p.m.10 views

CVE-2026-29181 vulnerabilities

Vulnerabilities for packages: gitlab-runner, flux-image-reflector-controller-fips, kubernetes-csi-driver-nfs-fips, k6-fips, crossplane-provider-aws-eks-fips, crossplane-provider-aws-autoscaling-fips, promxy-fips, prometheus-podman-exporter-fips, datadog-agent-fips, dataplaneapi-fips,...

7.5CVSS5.9AI score0.00435EPSS
Exploits1
Wolfi
Wolfi
added 2026/04/11 2:51 a.m.9 views

GHSA-7MR4-XJXG-34G6 vulnerabilities

Vulnerabilities for packages: chartmuseum, kyverno-policy-reporter-ui, dapr, pulumi-language-yaml, dex, task, juicefs-csi-driver, spiffe-helper, minio-object-browser, vexctl, cloud-provider-vsphere, descheduler, aactl, flannel, kyverno, caddy, azure-service-operator, envconsul, cloud-provider-aws...

5.9AI score
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/09 9:21 a.m.10 views

CVE-2021-41090

Grafana Agent is a telemetry collector for sending metrics, logs, and trace data to the opinionated Grafana observability stack. Prior to versions 0.20.1 and 0.21.2, inline secrets defined within a metrics instance config are exposed in plaintext over two endpoints: metrics instance configs defin...

7.5CVSS7AI score0.00736EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2021-2493

Malware in sbrugna...

7.5CVSS7.4AI score0.00736EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2024-2829

Malicious code in bioql PyPI...

7.8CVSS7.9AI score0.003EPSS
Exploits0References10
Chainguard
Chainguard
added 2025/02/25 1:11 p.m.15 views

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: ferretdb, prometheus-mysqld-exporter, gitleaks, prometheus-beat-exporter, prometheus-nats-exporter, flux-source-controller, cert-manager-fips, datadog-agent-fips, secrets-store-csi-driver, skaffold, kubernetes-dashboard-fips, pulumi-language-dotnet, pombump, mc,...

5.9AI score
Exploits0
Wolfi
Wolfi
added 2024/12/11 10:3 p.m.76 views

GHSA-V778-237X-GJRC vulnerabilities

Vulnerabilities for packages: wireguard-go, task, grype, crossplane-provider-aws-sqs, velero-plugin-for-microsoft-azure, aactl, flannel, frp, oras, pulumi, sftpgo-plugin-kms, local-path-provisioner, terraform-docs, hugo, dynamic-localpv-provisioner, terraform-provider-tls, atlantis,...

5.9AI score
Exploits0
SUSE CVE
SUSE CVE
added 2024/11/02 4:2 a.m.3 views

SUSE CVE-2024-8996

Unquoted Search Path or Element vulnerability in Grafana Agent Flow mode on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2...

7.8CVSS7AI score0.00264EPSS
Exploits0References5
OSV
OSV
added 2024/10/09 8:29 p.m.19 views

GO-2024-3170 Grafana Agent (Flow mode) on Windows has Unquoted Search Path or Element vulnerability in github.com/grafana/agent

Grafana Agent Flow mode on Windows has Unquoted Search Path or Element vulnerability in github.com/grafana/agent...

7.8CVSS7.2AI score0.003EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/10/03 12:0 a.m.5 views

The vulnerability of the Grafana Agent’s data visualization system lies in the lack of quotation marks when writing elements or search paths, allowing attackers to exploit their privileges.

The vulnerability of the Grafana Agent visualization system is related to the absence of quotation marks in the writing of elements or search paths. Exploiting this vulnerability can allow attackers to increase their privileges...

7.3CVSS7.2AI score0.00264EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2024/09/25 5:15 p.m.20 views

CVE-2024-8996

Unquoted Search Path or Element vulnerability in Grafana Agent Flow mode on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2...

7.8CVSS0.00264EPSS
Exploits0References3
OSV
OSV
added 2024/09/25 5:15 p.m.9 views

CVE-2024-8996

Unquoted Search Path or Element vulnerability in Grafana Agent Flow mode on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2...

7.8CVSS7.5AI score0.003EPSS
Exploits0References3
CVE
CVE
added 2024/09/25 4:45 p.m.110 views

CVE-2024-8996

Grafana Agent (Flow mode) on Windows is affected by CVE-2024-8996 (Unquoted Search Path or Element), allowing Privilege Escalation from Local User to SYSTEM. Affected versions: Agent Flow prior to 0.43.2. The issue is addressed in Grafana Agent v0.43.3 (and related security release). Exploitation...

7.8CVSS7AI score0.00264EPSS
Exploits0References3Affected Software1
Grafana
Grafana
added 2024/09/25 12:0 a.m.10 views

Grafana Agent flow mode unquoted service path

On a windows machine, the Grafana Agent Flow mode service prior to version 0.43.1 is vulnerable to a privilege escalation from local user to SYSTEM due to an unquoted service path. It is recommended that you remove the Grafana Agent Flow installation and do a clean install. An update will not...

7.8CVSS5.7AI score0.00264EPSS
Exploits0
CNNVD
CNNVD
added 2024/09/25 12:0 a.m.6 views

Grafana Agent 安全漏洞

Grafana Agent is an OpenTry Collector distribution of Grafana open source. A security vulnerability exists in Grafana Agent versions prior to 0.43.2 that stems from an unquoted search path or element vulnerability that allows elevation of privilege...

7.8CVSS7.9AI score0.003EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/09/19 12:0 a.m.5 views

PT-2024-6557 · Grafana +1 · Grafana Agent +1

Name of the Vulnerable Software and Affected Versions: Grafana Agent versions prior to 0.43.2 Grafana Agent versions prior to 0.43.3 Description: The issue is related to an Unquoted Search Path or Element vulnerability in Grafana Agent Flow mode on Windows, which allows Privilege Escalation from...

9.9CVSS6.1AI score0.97781EPSS
Exploits21References150
Wolfi
Wolfi
added 2024/06/11 5:16 p.m.112 views

CVE-2024-35255 vulnerabilities

Vulnerabilities for packages: external-dns, flux-kustomize-controller, zot, guac, zarf, argo-events, flyte, fulcio, ksops, cortex, tkn, trino, grafana-agent-operator, datadog-agent, flux-source-controller, tekton-chains, rook, up, trivy, py3-cassandra-medusa, k8sgpt, sqlpad, tempo, rekor, velero,...

5.5CVSS6.5AI score0.00788EPSS
Exploits0
Chainguard
Chainguard
added 2024/06/05 4:15 p.m.21 views

CVE-2024-24789 vulnerabilities

Vulnerabilities for packages: ferretdb, prometheus-mysqld-exporter, gitleaks, prometheus-beat-exporter, cni-plugins, prometheus-nats-exporter, flux-source-controller, cert-manager-fips, cluster-proportional-autoscaler, nri-kubernetes, aws-flb-firehose, dataplaneapi-fips, secrets-store-csi-driver,...

5.5CVSS6.8AI score0.00446EPSS
Exploits0
CNVD
CNVD
added 2021/12/12 12:0 a.m.25 views

Grafana Information Disclosure Vulnerability (CNVD-2021-101998)

Grafana is a set of open source monitoring tools from Grafana Labs that provides a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, etc. An information disclosure vulnerability exists in Grafana Agent versions 0.20.1 and earlier an...

7.5CVSS1.8AI score0.00736EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2021/12/11 12:0 a.m.39 views

[ASA-202112-12] grafana-agent: information disclosure

Arch Linux Security Advisory ASA-202112-12 ========================================== Severity: High Date : 2021-12-11 CVE-ID : CVE-2021-41090 Package : grafana-agent Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-2614 Summary ======= The package grafana-agen...

7.5CVSS0.2AI score0.00736EPSS
Exploits0References3
Rows per page
Query Builder