Filter
AND

Elastic Apm ServerAPM Server Insertion of Sensitive Information into Log File

7.5
EPSS
0.09%
First published (updated )

Elastic KibanaKibana Insertion of Sensitive Information into Log File

First published (updated )

Elastic KibanaKibana Insertion of Sensitive Information into Log File

First published (updated )

maven/org.elasticsearch:elasticsearch-hadoopElasticsearch-hadoop Unsafe Deserialization

7.8
First published (updated )

maven/org.elasticsearch:elasticsearchIt was identified that malformed scripts used in the script processor of an Ingest Pipeline could ca…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Elastic ElasticsearchElasticsearch privilege escalation

8.8
First published (updated )

maven/co.elastic.apm:apm-agent-parentAPM Java Agent Local Privilege Escalation

7.8
First published (updated )

Elastic KibanaKibana Reporting vulnerabilities

8.8
First published (updated )

Elastic KibanaKibana code execution issue

7.2
First published (updated )

Elastic LogstashLogstash Insertion of Sensitive Information into Log File

8.4
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Elastic ElasticsearchElasticsearch Insertion of sensitive information in audit logs

7.5
First published (updated )

Elastic ElasticsearchElasticsearch uncontrolled resource consumption

7.5
First published (updated )

maven/org.elasticsearch:elasticsearchElasticsearch StackOverflow vulnerability

7.5
First published (updated )

Elastic Elastic BeatsBeats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issue

7.5
First published (updated )

Elastic Fleet ServerFleet Server Insertion of Sensitive Information into Log File

8.1
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Elastic KibanaCode Injection

8.8
First published (updated )

Elastic KibanaCode Injection

8.8
First published (updated )

Elastic Endpoint SecurityAn issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which coul…

7.8
First published (updated )

Elastic Endpoint SecurityAn issue was discovered in the quarantine feature of Elastic Endpoint Security and Elastic Endgame f…

7.8
First published (updated )

Elastic Endpoint SecurityAn issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which coul…

7.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Elastic Endpoint SecurityA local privilege escalation (LPE) issue was discovered in the ransomware canaries features of Elast…

7.8
First published (updated )

Elastic ElasticsearchA Denial of Service flaw was discovered in Elasticsearch. Using this vulnerability, an unauthenticat…

7.5
First published (updated )

Elastic Apm AgentA local privilege escalation issue was found with the APM Java agent, where a user on the system cou…

7.8
First published (updated )

Elastic Enterprise SearchElastic Enterprise Search App Search versions before 7.14.0 was vulnerable to an issue where API key…

8.8
First published (updated )

Elastic Enterprise SearchElastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API key…

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Elastic ElasticsearchAll versions of Elastic Cloud Enterprise has the Elasticsearch “anonymous” user enabled by default i…

7.5
First published (updated )

Elastic Elastic App SearchXEE

7.5
First published (updated )

Elastic Enterprise SearchElastic Enterprise Search before 7.9.0 contain a credential exposure flaw in the App Search interfac…

8.8
First published (updated )

Elastic ElasticsearchThe fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and…

8.8
First published (updated )

Elastic KibanaCode Injection

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Elastic Elastic Cloud On KubernetesElastic Cloud on Kubernetes (ECK) versions prior to 1.1.0 generate passwords using a weak random num…

7.5
First published (updated )

redhat/kibanaCode Injection

7.2
First published (updated )

Elastic ElasticsearchElasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation…

8.8
First published (updated )

Elastic LogstashLogstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats inpu…

7.5
First published (updated )

pip/elastic-apmInput Validation

7.2
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Elastic Apm-agent-rubyA TLS certificate validation flaw was found in Elastic APM agent for Ruby versions before 2.9.0. Whe…

7.4
First published (updated )

Elastic ElasticsearchA permission issue was found in Elasticsearch versions before 5.6.15 and 6.6.1 when Field Level Secu…

8.1
First published (updated )

Elastic WinlogbeatWinlogbeat versions before 5.6.16 and 6.6.2 had an insufficient logging flaw. An attacker able to in…

7.5
First published (updated )

Elastic Azure RepositoryA sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticse…

8.1
First published (updated )

Elastic Elastic Cloud EnterpriseElastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

redhat/elasticsearchInfoleak

8.8
First published (updated )

Elastic X-PackAn error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users mapp…

8.8
First published (updated )

Elasticsearch LogstashInfoleak

7.5
First published (updated )

Elastic LogstashLogstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting ma…

7.5
First published (updated )

Elastic LogstashLogstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will creat…

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Elastic Kibana ReportingCSRF

8.8
First published (updated )

Elastic KibanaKibana versions prior to 5.2.1 configured for SSL client access, file descriptors will fail to be cl…

7.5
First published (updated )

Elastic X-PackInfoleak

7.5
First published (updated )

Elastic KibanaKibana before 4.5.4 and 4.1.11 when a custom output is configured for logging in, cookies and author…

7.5
First published (updated )

Elastic LogstashInfoleak

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203