Lucene search
K

7 matches found

OSV
OSV
added 2026/02/18 12:0 a.m.5 views

ALSA-2026:2914 Important: grafana security update

Grafana is an open source, feature rich metrics dashboard and graph editor for Graphite, InfluxDB & OpenTSDB. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 grafana/grafana/pkg/services/dashboards: Grafana...

10CVSS5.6AI score0.01945EPSS
Exploits5References12
Grafana
Grafana
added 2026/01/27 12:0 a.m.12 views

Cross-dashboard privilege escalation via permission management

Grafana is an open-source platform for monitoring and observability. The platform supports creating dashboards, which collate various visualisation panels onto one plane. These can have per-user permissions. If a user has permission management rights on one dashboard, they could edit the...

8.1CVSS7.2AI score0.00647EPSS
Exploits1
OSV
OSV
added 2025/09/09 8:52 p.m.6 views

GHSA-VGMM-27FC-VMGP Maho is Vulnerable to Authenticated Remote Code Execution via File Upload

Summary In Maho 25.7.0, an authenticated staff user with access to the Dashboard and Catalog\Manage Products permissions can create a custom option on a listing with a file input field. By allowing file uploads with a .php extension, the user can use the filed to upload malicious PHP files, gaini...

8.7CVSS8.4AI score0.00286EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/09/08 12:0 a.m.5 views

PT-2025-36514

Name of the Vulnerable Software and Affected Versions: Maho versions prior to 25.9.0 Description: Maho is a free and open source ecommerce platform. An authenticated staff user with access to the Dashboard and CatalogManage Products permissions can create a custom option on a listing with a file...

8.7CVSS7.5AI score0.00286EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2025/06/02 10:6 a.m.8 views

CVE-2025-3260

A security vulnerability in the /apis/dashboard.grafana.app/ endpoints allows authenticated users to bypass dashboard and folder permissions. The vulnerability affects all API versions v0alpha1, v1alpha1, v2alpha1. Impact: - Viewers can view all dashboards/folders regardless of permissions -...

8.3CVSS8.1AI score0.00484EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/02 12:0 a.m.5 views

Grafana 安全漏洞

Grafana is a set of open source monitoring tools from Grafana open source that provides a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A security vulnerability exists in Grafana that stems from a dashboard...

8.3CVSS8AI score0.00484EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:24 a.m.2 views

CVE-2024-6354

Improper access control in PAM dashboard in Devolutions Remote Desktop Manager 2024.2.11 and earlier on Windows allows an authenticated user to bypass the execute permission via the use of the PAM dashboard...

7.2CVSS6.9AI score0.00786EPSS
Exploits0References1
Rows per page
Query Builder