Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elastic vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-38387
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Elastic Email Sender plugin <= 1.2.6 versions.
Elasticemail Elastic Email Sender
NA
CVE-2023-30434
IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 up to and including 5.1.2.9, 5.1.3.0 up to and including 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 up to and including 6.1.2.5, 6.1.3.0 up to and including 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force I...
Ibm Spectrum Scale
Ibm Elastic Storage System
NA
CVE-2023-31413
Filebeat versions up to and including 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled.
Elastic Filebeat 8.6.2
Elastic Filebeat
NA
CVE-2023-31414
Kibana versions 8.0.0 up to and including 8.7.0 contain an arbitrary code execution flaw. An attacker with write access to Kibana yaml or env configuration could add a specific payload that will attempt to execute JavaScript code. This could lead to the attacker executing arbitra...
Elastic Kibana
NA
CVE-2023-31415
Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with...
Elastic Kibana 8.7.0
NA
CVE-2023-25934
DELL ECS before 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request.
Dell Elastic Cloud Storage
NA
CVE-2023-21981
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromi...
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Peoplesoft Enterprise Peopletools 8.60
NA
CVE-2022-38779
An open redirect issue exists in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.
Elastic Kibana
NA
CVE-2022-43869
IBM Spectrum Scale (5.1.0.0 up to and including 5.1.2.8 and 5.1.3.0 up to and including 5.1.5.1) and IBM Elastic Storage System (6.1.0.0 up to and including 6.1.2.4 and 6.1.3.0 up to and including 6.1.4.1) could allow an authenticated user to cause a denial of service through the...
Ibm Elastic Storage System
Ibm Spectrum Scale
NA
CVE-2022-38777
An issue exists in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
Elastic Endgame
Elastic Endpoint Security
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »