Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
elastic vulnerabilities and exploits
(subscribe to this query)
5.5
CVSSv3
CVE-2023-30434
IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 up to and including 5.1.2.9, 5.1.3.0 up to and including 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 up to and including 6.1.2.5, 6.1.3.0 up to and including 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force I...
Ibm Spectrum Scale
Ibm Elastic Storage System
8.8
CVSSv3
CVE-2023-31414
Kibana versions 8.0.0 up to and including 8.7.0 contain an arbitrary code execution flaw. An attacker with write access to Kibana yaml or env configuration could add a specific payload that will attempt to execute JavaScript code. This could lead to the attacker executing arbitra...
Elastic Kibana
8.8
CVSSv3
CVE-2023-31415
Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with...
Elastic Kibana 8.7.0
3.3
CVSSv3
CVE-2023-31413
Filebeat versions up to and including 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled.
Elastic Filebeat 8.6.2
Elastic Filebeat
7.5
CVSSv3
CVE-2023-25934
DELL ECS before 3.8.0.2 contains an improper verification of cryptographic signature vulnerability. A network attacker with an ability to intercept the request could potentially exploit this vulnerability to modify the body data of the request.
Dell Elastic Cloud Storage
4.9
CVSSv3
CVE-2023-21981
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromi...
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Peoplesoft Enterprise Peopletools 8.60
6.1
CVSSv3
CVE-2022-38779
An open redirect issue exists in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.
Elastic Kibana
6.5
CVSSv3
CVE-2022-43869
IBM Spectrum Scale (5.1.0.0 up to and including 5.1.2.8 and 5.1.3.0 up to and including 5.1.5.1) and IBM Elastic Storage System (6.1.0.0 up to and including 6.1.2.4 and 6.1.3.0 up to and including 6.1.4.1) could allow an authenticated user to cause a denial of service through the...
Ibm Elastic Storage System
Ibm Spectrum Scale
7.8
CVSSv3
CVE-2022-38777
An issue exists in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate their privileges to those of the LocalSystem account.
Elastic Endgame
Elastic Endpoint Security
6.5
CVSSv3
CVE-2022-38778
A flaw (CVE-2022-38900) exists in one of Kibana’s third party dependencies, that could allow an authenticated user to perform a request that crashes the Kibana server process.
Elastic Kibana
Decode-uri-component Project Decode-uri-component
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
remote code execution
CVE-2024-34909
CVE-2024-3317
SSTI
CVE-2024-3400
CVE-2024-30051
wireless
CVE-2024-4622
CVE-2024-4908
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »