Filter
Software
elastic kibana
61
elastic elasticsearch
33
elastic logstash
12
elastic x-pack
9
elastic elastic cloud enterprise
6
elastic enterprise search
5
elastic apm server
4
elastic endpoint security
4
elastic apm agent
3
elastic elastic agent
2
elastic elastic app search
2
elastic elastic beats
2
elastic elastic cloud on kubernetes
2
elastic elasticsearch x-pack
2
elastic endgame
2
elastic kibana x-pack
2
elastic logstash x-pack
2
elasticsearch elasticsearch
2
elasticsearch logstash
2
elastic apm .net agent
1
elastic apm java agent
1
elastic apm-agent-ruby
1
elastic azure repository
1
elastic elastic fleet server
1
elastic elastic sharepoint online python connector
1
elastic endpoint
1
elastic filebeat
1
elastic fleet server
1
elastic kibana reporting
1
elastic network drive connector
1
elastic winlogbeat
1
elasticsearch kibana
1
Elastic KibanaKibana Arbitrary Code Execution
First published (updated )
Elastic KibanaA deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse…
9.9
First published (updated )
Elasticsearch ElasticsearchElasticsearch Groovy Scripting Engine Remote Code Execution Vulnerability
First published (updated )
Elastic LogstashA sensitive data disclosure flaw was found in the way Logstash versions before 5.6.15 and 6.6.1 logs…
9.8
First published (updated )
Elastic KibanaKibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way authorizatio…
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Elastic KibanaKibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plug…
9.8
First published (updated )
Elastic ElasticsearchElasticsearch before 1.6.1 allows remote attackers to execute arbitrary code via unspecified vectors…
9.8
First published (updated )
Elastic KibanaKibana arbitrary code execution via prototype pollution
9.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-46668Elastic Endpoint Insertion of Sensitive Information into Log File
9.1
First published (updated )
Elastic KibanaKibana Insertion of Sensitive Information into Log File
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Elastic Enterprise SearchElastic Enterprise Search App Search versions before 7.14.0 was vulnerable to an issue where API key…
8.8
First published (updated )
Elastic Enterprise SearchElastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API key…
8.8
First published (updated )
Elastic ElasticsearchThe fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Elastic X-PackElastic X-Pack Security versions 5.0.0 to 5.4.0 contain a privilege escalation bug in the run_as fun…
8.8
First published (updated )
Elastic X-PackAn error was found in the permission model used by X-Pack Alerting 5.0.0 to 5.6.0 whereby users mapp…
8.8
First published (updated )
Elastic Enterprise SearchElastic Enterprise Search before 7.9.0 contain a credential exposure flaw in the App Search interfac…
8.8
First published (updated )
Elastic ElasticsearchElasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation…
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Elastic ElasticsearchElasticsearch privilege escalation
8.8
First published (updated )
Elastic LogstashLogstash Insertion of Sensitive Information into Log File
8.4
First published (updated )
Elastic ElasticsearchA permission issue was found in Elasticsearch versions before 5.6.15 and 6.6.1 when Field Level Secu…
8.1
First published (updated )
Elastic Azure RepositoryA sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticse…
8.1
First published (updated )
CVE-2023-46667Fleet Server Insertion of Sensitive Information into Log File
8.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.