Severity Critical High Medium Low Informational Vulnerability Categories Abuse Of Functionality Acumonitor Arbitrary File Creation Authentication Bypass Bruteforce Possible Buffer Overflow CSRF CSTI Code Execution Configuration Crlf Injection Deepscan Default Credentials Denial-of-service Dev Files Directory Listing Directory Traversal Eli Injection Error Handling File Inclusion Http Parameter Pollution Http Response Splitting Information Disclosure Insecure Admin Access Insecure Deserialization Internal Ip Disclosure Known Vulnerabilitie Known Vulnerabilities Ldap Injection Malware Missing Update Privilege Escalation Remote Code Execution SSRF SSTI Sensitive Data Not Over Ssl Server Side Template Injection Session Fixation Source Code Disclosure Sql Injection Test Files Unauthenticated File Upload Url Redirection Weak Credentials Weak Crypto XFS XSS XXE Xpath Injection Vulnerability Name CVE CWE CWE Severity GlassFish Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-1950) CVE-2016-1950 CWE-119 CWE-119 High GlassFish Observable Discrepancy Vulnerability (CVE-2013-1620) CVE-2013-1620 CWE-203 CWE-203 Medium GlassFish Use of Hard-coded Credentials Vulnerability (CVE-2018-14324) CVE-2018-14324 CWE-798 CWE-798 Critical Global.asa backup file found CWE-538 CWE-538 Medium GlobalProtect PAN-OS RCE (CVE-2024-3400) CVE-2024-3400 CWE-77 CWE-77 Critical GoAhead web server remote code execution CVE-2017-17562 CWE-94 CWE-94 High GoAnywhere MFT Authentication Bypass (CVE-2024-0204) CVE-2024-0204 CWE-425 CWE-425 Critical GoCD information disclosure (CVE-2021-43287) CVE-2021-43287 CWE-200 CWE-200 High Golang runtime profiling data CWE-200 CWE-200 Medium Go web application binary disclosure CWE-540 CWE-540 Medium Grafana Authentication Bypass by Spoofing Vulnerability (CVE-2022-35957) CVE-2022-35957 CWE-290 CWE-290 Medium Grafana Authentication Bypass by Spoofing Vulnerability (CVE-2023-3128) CVE-2023-3128 CWE-290 CWE-290 Critical Grafana avatar SSRF CVE-2020-13379 CWE-78 CWE-78 High Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2020-12458) CVE-2020-12458 CWE-312 CWE-312 Medium Grafana Cleartext Storage of Sensitive Information Vulnerability (CVE-2022-26148) CVE-2022-26148 CWE-312 CWE-312 Critical Grafana Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2022-39328) CVE-2022-39328 CWE-362 CWE-362 High Grafana Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2022-21703) CVE-2022-21703 CWE-352 CWE-352 High Grafana CVE-2021-27358 Vulnerability (CVE-2021-27358) CVE-2021-27358 High Grafana CVE-2022-39201 Vulnerability (CVE-2022-39201) CVE-2022-39201 High Grafana CVE-2022-39307 Vulnerability (CVE-2022-39307) CVE-2022-39307 Medium Grafana CVE-2023-1387 Vulnerability (CVE-2023-1387) CVE-2023-1387 High Grafana CVE-2023-4399 Vulnerability (CVE-2023-4399) CVE-2023-4399 High Grafana CVE-2023-4822 Vulnerability (CVE-2023-4822) CVE-2023-4822 High Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-19039) CVE-2018-19039 CWE-200 CWE-200 Medium Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-19499) CVE-2019-19499 CWE-200 CWE-200 Medium Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-12459) CVE-2020-12459 CWE-200 CWE-200 Medium Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-21673) CVE-2022-21673 CWE-200 CWE-200 Medium Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2022-23498) CVE-2022-23498 CWE-200 CWE-200 High Grafana Externally Controlled Reference to a Resource in Another Sphere Vulnerability (CVE-2021-41244) CVE-2021-41244 CWE-610 CWE-610 Critical Grafana Improper Authentication Vulnerability (CVE-2018-15727) CVE-2018-15727 CWE-287 CWE-287 Critical Grafana Improper Authentication Vulnerability (CVE-2021-28148) CVE-2021-28148 CWE-287 CWE-287 High Grafana Improper Authentication Vulnerability (CVE-2021-39226) CVE-2021-39226 CWE-287 CWE-287 High Grafana Improper Authentication Vulnerability (CVE-2022-32276) CVE-2022-32276 CWE-287 CWE-287 High Grafana Improper Authentication Vulnerability (CVE-2022-39229) CVE-2022-39229 CWE-287 CWE-287 Medium Grafana Improper Input Validation Vulnerability (CVE-2022-39306) CVE-2022-39306 CWE-20 CWE-20 High Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43798) CVE-2021-43798 CWE-22 CWE-22 High Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43813) CVE-2021-43813 CWE-22 CWE-22 Medium Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2021-43815) CVE-2021-43815 CWE-22 CWE-22 Medium Grafana Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2022-32275) CVE-2022-32275 CWE-22 CWE-22 High Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-12099) CVE-2018-12099 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18623) CVE-2018-18623 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18624) CVE-2018-18624 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-18625) CVE-2018-18625 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1000816) CVE-2018-1000816 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-13068) CVE-2019-13068 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-11110) CVE-2020-11110 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12052) CVE-2020-12052 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-12245) CVE-2020-12245 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13430) CVE-2020-13430 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-24303) CVE-2020-24303 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41174) CVE-2021-41174 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-21702) CVE-2022-21702 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-23552) CVE-2022-23552 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-31097) CVE-2022-31097 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2022-39324) CVE-2022-39324 CWE-707 CWE-707 Low Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0507) CVE-2023-0507 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0594) CVE-2023-0594 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1410) CVE-2023-1410 CWE-707 CWE-707 Medium Grafana Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-22462) CVE-2023-22462 CWE-707 CWE-707 Medium Grafana Improper Preservation of Permissions Vulnerability (CVE-2022-36062) CVE-2022-36062 CWE-281 CWE-281 Low Grafana Improper Synchronization Vulnerability (CVE-2023-2801) CVE-2023-2801 CWE-662 CWE-662 Medium Grafana Improper Verification of Cryptographic Signature Vulnerability (CVE-2022-31123) CVE-2022-31123 CWE-347 CWE-347 High Grafana Incorrect Authorization Vulnerability (CVE-2021-28146) CVE-2021-28146 CWE-863 CWE-863 Medium Grafana Incorrect Authorization Vulnerability (CVE-2022-21713) CVE-2022-21713 CWE-863 CWE-863 Medium Grafana Incorrect Authorization Vulnerability (CVE-2022-31107) CVE-2022-31107 CWE-863 CWE-863 High Grafana Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-27962) CVE-2021-27962 CWE-732 CWE-732 High Grafana Insufficiently Protected Credentials Vulnerability (CVE-2019-15635) CVE-2019-15635 CWE-522 CWE-522 Medium Grafana Insufficiently Protected Credentials Vulnerability (CVE-2022-31130) CVE-2022-31130 CWE-522 CWE-522 High Grafana Missing Authentication for Critical Function Vulnerability (CVE-2019-15043) CVE-2019-15043 CWE-306 CWE-306 High Grafana Missing Authentication for Critical Function Vulnerability (CVE-2022-28660) CVE-2022-28660 CWE-306 CWE-306 Critical Grafana Missing Authorization Vulnerability (CVE-2023-2183) CVE-2023-2183 CWE-862 CWE-862 Medium Grafana Other Vulnerability (CVE-2021-28147) CVE-2021-28147 Medium Grafana Plugin Dir Traversal (CVE-2021-43798) CVE-2021-43798 CWE-200 CWE-200 High Grafana Server-Side Request Forgery (SSRF) Vulnerability (CVE-2020-13379) CVE-2020-13379 CWE-918 CWE-918 High Grafana Signature Verification Vulnerability (CVE-2020-27846) CVE-2020-27846 Critical 1...37383940...293 38 / 293
