Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elastic vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-38778
A flaw (CVE-2022-38900) exists in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process.
Elastic Kibana
Decode-uri-component Project Decode-uri-component
7.8
CVSSv3
CVE-2022-38777
An issue exists in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
Elastic Endgame
Elastic Endpoint Security
7.8
CVSSv3
CVE-2022-38774
An issue exists in the quarantine feature of Elastic Endpoint Security and Elastic Endgame for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
Elastic Endgame
Elastic Endpoint Security
7.8
CVSSv3
CVE-2022-38775
An issue exists in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
Elastic Endpoint Security
4.4
CVSSv3
CVE-2023-21824
Vulnerability in the Oracle Communications BRM - Elastic Charging Engine product of Oracle Communications Applications (component: Customer, Config, Pricing Manager). Supported versions that are affected are 12.0.0.3.0-12.0.0.7.0. Easily exploitable vulnerability allows high priv...
Oracle Communications Billing And Revenue Management Elastic Charging Engine
Oracle Communications Cloud Native Core Policy 22.3.0
Oracle Communications Cloud Native Core Binding Support Function 22.3.0
5.4
CVSSv3
CVE-2023-21844
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Peop...
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Peoplesoft Enterprise Peopletools 8.60
4.2
CVSSv3
CVE-2022-46174
efs-utils is a set of Utilities for Amazon Elastic File System (EFS). A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to r...
Amazon Efs-utils
Amazon Elastic File System Container Storage Interface Driver
5.4
CVSSv3
CVE-2021-37936
It exists that Kibana was not sanitizing document fields containing HTML snippets. Using this vulnerability, an attacker with the ability to write documents to an elasticsearch index could inject HTML. When the Discover app highlighted a search term containing the HTML, it would ...
Elastic Kibana
6.1
CVSSv3
CVE-2021-22141
An open redirect flaw was found in Kibana versions prior to 7.13.0 and 6.8.16. If a logged in user visits a maliciously crafted URL, it could result in Kibana redirecting the user to an arbitrary website.
Elastic Kibana
6.1
CVSSv3
CVE-2022-21639
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search Integration). Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to co...
Oracle Peoplesoft Enterprise 8.59
Oracle Peoplesoft Enterprise 8.60
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »