31 matches found
CVE-2026-22639
...
PT-2026-3006
Name of the Vulnerable Software and Affected Versions Grafana versions prior to 10.4.19+security-01 Grafana versions prior to 11.2.10+security-01 Grafana versions prior to 11.3.7+security-01 Grafana versions prior to 11.4.5+security-01 Grafana versions prior to 11.5.5+security-01 Grafana versions...
EUVD-2025-0215
Malicious code in bioql PyPI...
EUVD-2025-21759
Malicious code in bioql PyPI...
Grafana Labs Integration URL Exposed to Viewers (CVE-2025-3415)
The version of Grafana Labs installed on the remote host is affected by a vulnerability as referenced in the CVE-2025-3415 advisory. - Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to...
BIT-GRAFANA-2025-3415
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
Grafana's insecure DingDing Alert integration exposes sensitive information
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
GHSA-46M5-8HPJ-P5P5 Grafana's insecure DingDing Alert integration exposes sensitive information
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
CVE-2025-3415
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
CVE-2025-3415
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
CVE-2025-3415
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01,...
Grafana Labs 10.4.x < 10.4.15 / 11.0.x < 11.0.11 / 11.1.x < 11.1.11 / 11.2.x < 11.2.6 / 11.3.x < 11.3.3 / 11.4.x < 11.4.1, 11.5.0 (cve-2024-11741)
The version of Grafana Labs installed on the remote host is prior to 10.4.15, 11.0.11, 11.1.11, 11.2.6, 11.3.3, or 11.4.1, 11.5.0. It is, therefore, affected by a vulnerability as referenced in the cve-2024-11741 advisory. - Grafana is an open-source platform for monitoring and observability. The...
GO-2025-3438 Grafana Alerting VictorOps integration could be exposed to users with Viewer permission in github.com/grafana/grafana
Grafana Alerting VictorOps integration could be exposed to users with Viewer permission in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...
BIT-GRAFANA-2024-11741
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15...
Improper Access Control
github.com/grafana/grafana is vulnerable to Improper Access Control. The vulnerability is due to improper access control in the Grafana Alerting VictorOps integration, allowing users with Viewer permission to access restricted functionality...
CVE-2024-11741
A flaw was found in Grafana Alerting VictorOps, Integration is not properly protected and could be exposed to users with Viewer permission. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising...
GHSA-WXCC-2F3Q-4H58 Grafana Alerting VictorOps integration could be exposed to users with Viewer permission
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15...
Grafana Alerting VictorOps integration could be exposed to users with Viewer permission
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15...
CVE-2024-11741
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15...
UBUNTU-CVE-2024-11741
Grafana is an open-source platform for monitoring and observability. The Grafana Alerting VictorOps integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 11.5.0, 11.4.1, 11.3.3, 11.2.6, 11.1.11, 11.0.11 and 10.4.15...