Lucene search
K

15 matches found

OSV
OSV
added 2026/06/25 6:43 p.m.6 views

GO-2026-5355 Grafana Operator: Privilege escalation from namespace admin to cluster admin via GrafanaDashboard jsonnetLib fileName in github.com/grafana/grafana-operator

Grafana Operator: Privilege escalation from namespace admin to cluster admin via GrafanaDashboard jsonnetLib fileName in github.com/grafana/grafana-operator...

8.8CVSS5.8AI score0.00361EPSS
Exploits0References3
OSV
OSV
added 2026/05/15 8:42 a.m.7 views

BIT-GRAFANA-2026-33377 Dashboard Import Overwrites ACL — Editor Privilege Escalation to Dashboard Admin

An Editor can overwrite a dashboard not owned by them to acquire admin on that specific dashboard. The user must have write access to the dashboard to escalate privilege...

7.1CVSS5.8AI score0.00226EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/02/18 11:31 a.m.10 views

grafana/grafana/pkg/services/dashboards: Grafana Dashboard Permissions Scope Bypass Enables Cross‑Dashboard Privilege Escalation

An authorization error has been discovered in Grafana dashboards. The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions: action. As a result, a user who has permission management rights on one dashboard can read and modify permissions ...

8.1CVSS5.8AI score0.00647EPSS
Exploits1References5
NVD
NVD
added 2026/01/15 1:16 p.m.6 views

CVE-2026-0713

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

0.00037EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-9124

Malware in sbrugna...

6.1CVSS6.3AI score0.01288EPSS
Exploits1References5
Wallarm Lab
Wallarm Lab
added 2025/09/11 11:0 a.m.7 views

Inside Wallarm Security Edge: Instant Protection at the API Edge

APIs are now the beating heart of digital infrastructure. But as they have risen in importance, they’ve also become prime targets for attackers. Complex, often poorly understood API behaviors present rich opportunities for exploitation, and too often, security teams are left scrambling to protect...

6.9AI score
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:7 a.m.19 views

Security Bulletin: IBM Security Verify Information Queue displays the Grafana signing key when setting up the logs stack (CVE-2021-20412)

Summary IBM Security Verify Information Queue ISIQ offers an optional logs stack to demonstrate logging and monitoring. Among the stack's components is a Grafana dashboard. The initialization file for Grafana contains a hard-coded signing key. As of ISIQ v10.0.0, this signing key has been removed...

7.5CVSS7.6AI score0.00886EPSS
Exploits0Affected Software1
Virtuozzo
Virtuozzo
added 2023/11/27 12:0 a.m.30 views

Virtuozzo Hybrid Infrastructure 6.0 (6.0.0-243)

In this release, Virtuozzo Hybrid Infrastructure provides an upgrade of the Linux distribution, kernel, and toolset packages. This release also contains a range of new features that cover storage performance, object storage, as well as monitoring and alerts. Additionally, this release delivers...

7.3AI score
Exploits0
Fedora
Fedora
added 2022/04/20 7:12 p.m.48 views

[SECURITY] Fedora 35 Update: grafana-7.5.15-2.fc35

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB...

8.8CVSS9AI score0.05994EPSS
Exploits2
Virtuozzo
Virtuozzo
added 2022/03/29 12:0 a.m.32 views

Virtuozzo Hybrid Infrastructure 5.4 Update 1 (5.4.1-59)

This update provides new features, as well as stability fixes for the compute and core storage services. Vulnerability id: VSTOR-62742 A VM creation fails with the error 'Unable to update the attachment.' Vulnerability id: VSTOR-65824 Some charts in the admin panel or Grafana dashboard may be...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/11/30 12:0 a.m.40 views

openSUSE Security Update : ceph (openSUSE-2020-2057)

This update for ceph fixes the following issues : - CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. - Major batch refactor of ceph-volume that addresses a couple of issues bsc1151612, bsc1158257 - Documented Prometheus' security model bsc1169134 - monclient: Fixed an issue...

8.8CVSS7.6AI score0.01022EPSS
Exploits0References10
OPENSUSE Linux
OPENSUSE Linux
added 2020/11/27 12:0 a.m.40 views

Security update for ceph (moderate)

openSUSE Security Update: Security update for ceph Announcement ID: openSUSE-SU-2020:2057-1 Rating: moderate References: 1151612 1158257 1169134 1170487 1174591 1175061 1175240 1175781 1177843 Cross-References: CVE-2020-25660 Affected Products: openSUSE Leap 15.1 An update that solves one...

8.8CVSS7AI score0.01022EPSS
Exploits0References9
OSV
OSV
added 2020/11/26 11:24 p.m.6 views

OPENSUSE-SU-2020:2057-1 Security update for ceph

This update for ceph fixes the following issues: - CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. - Major batch refactor of ceph-volume that addresses a couple of issues bsc1151612, bsc1158257 - Documented Prometheus' security model bsc1169134 - monclient: Fixed an issue whe...

8.8CVSS8.8AI score0.01022EPSS
Exploits0References11
OSV
OSV
added 2020/11/20 11:14 a.m.6 views

SUSE-SU-2020:3459-1 Security update for ceph

This update for ceph fixes the following issues: - CVE-2020-25660: Bring back CEPHXV2 authorizer challenges bsc1177843. - Major batch refactor of ceph-volume that addresses a couple of issues bsc1151612, bsc1158257 - Documented Prometheus' security model bsc1169134 - monclient: Fixed an issue whe...

8.8CVSS8.8AI score0.01022EPSS
Exploits0References11
Hacker One
Hacker One
added 2019/08/29 9:32 a.m.49 views

GitLab: Stored XSS for Grafana dashboard URL

Hi GitLab Security Team Summary I found a stored XSS vulnerability in the admins page. The administrator can set up a Grafana dashboard. Here, the administrator can either enter a relative URL or an absolute address. However, when adding an absolute URL, the protocol is not checked allowing to ad...

0.1AI score
Exploits0
Rows per page
Query Builder