11 matches found
AlmaLinux 9 : grafana (ALSA-2026:10226)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:10226 advisory. grafana: Grafana: Information disclosure of data-source passwords via public dashboards CVE-2026-27877 Tenable has extracted the preceding description block...
Oracle Linux 8 : grafana-pcp (ELSA-2026-11514)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-11514 advisory. - Resolves RHEL-166520: CVE-2026-32282 - Resolves RHEL-167381: CVE-2026-32280 Tenable has extracted the preceding description block directly from the...
BIT-GRAFANA-2026-27876 RCE on Grafana via sqlExpressions
A chained attack via SQL Expressions and a Grafana Enterprise plugin can lead to a remote arbitrary code execution impact RCE. This is enabled by a feature in Grafana OSS, so all users are always recommended to update to avoid future attack vectors going this path. Only instances with the...
Advisory ROSA-SA-2026-3146
Software: grafana 9.2.10 OS: ROSA Virtualization 3.1 unaffected versions = grafana-9.2.10-27.rv31 affected versions grafana-9.2.10-27.rv31 CVE-ID: CVE-2025-22871 BDU-ID: 2025-04014 CVE-Crit: CRITICAL CVE-DESC.: A vulnerability in the net/http package of the Go programming language is related to...
MiracleLinux 9 : grafana-10.2.6-9.el9_5 (AXSA:2025-9818:04)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9818:04 advisory. golang-jwt/jwt: jwt-go allows excessive memory allocation during header parsing CVE-2025-30204 Tenable has extracted the preceding description block directly...
MiracleLinux 8 : grafana-9.2.10-25.el8_10 (AXSA:2025-10021:06)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10021:06 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...
AlmaLinux 9 : grafana (ALSA-2025:8682)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:8682 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block directly fro...
SUSE-SU-2025:0622-1 Security update for grafana
This update for grafana fixes the following issues: grafana was updated from version 10.4.13 to 10.4.15: - Security issues fixed: CVE-2024-45339: Fixed vulnerability when creating log files bsc1236559 CVE-2024-11741: Fixed the Grafana Alerting VictorOps integration bsc1236734 CVE-2025-21613:...
RHSA-2025:0662 Red Hat Security Advisory: grafana security update
Bulletin has no description...
Fedora 39 : grafana-pcp (2023-3bc3404fc1)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-3bc3404fc1 advisory. Move location of plugin from /usr/share/... to /usr/libexec/... because there is a binary executable Tenable has extracted the preceding description block...
SUSE: Security Advisory (SUSE-SU-2023:2578-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...