Lucene search
K

20 matches found

vulnersOsv
vulnersOsv
added 2025/10/10 12:30 p.m.6 views

ai.ylyue:yue-library-data-es (>=j8.2.2.0 <=j11.2.6.2), br.com.simpli:simpli-ws (>=1.2.1 <=2.2.0) +1034 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=7.0.0 <=8.18.7)

org.elasticsearch:elasticsearch MAVEN version =7.0.0, =j8.2.2.0, =1.2.1, =0.0.1-alpha, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =6.2.0, =6.8.0, =6.4.0, =5.3.0, =5.3.0, =5.3.0, =5.4.0 and more Source cves: CVE-2025-37727 Source advisory: OSV:GHSA-56R7-H6MW-RCFV...

5.7CVSS5.4AI score0.00225EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/10 12:30 p.m.7 views

org.elasticsearch.test:framework (>=8.19.0 <=8.19.16), org.elasticsearch.test:yaml-rest-runner (>=8.19.0 <=8.19.16) +1 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=8.19.0 <=8.19.4)

org.elasticsearch:elasticsearch MAVEN version =8.19.0, =8.19.0, =8.19.0, =8.19.2, =8.19.4 Source cves: CVE-2025-37727 Source advisory: OSV:GHSA-56R7-H6MW-RCFV...

5.7CVSS5.4AI score0.00225EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/10 12:30 p.m.9 views

org.elasticsearch.test:framework (>=9.1.0 <=9.1.10), org.elasticsearch.test:yaml-rest-runner (>=9.1.0 <=9.1.10) +1 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=9.1.0 <=9.1.4)

org.elasticsearch:elasticsearch MAVEN version =9.1.0, =9.1.0, =9.1.0, =9.1.2, =9.1.4 Source cves: CVE-2025-37727 Source advisory: OSV:GHSA-56R7-H6MW-RCFV...

5.7CVSS5.8AI score0.00225EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/10 12:30 p.m.8 views

net.sc8s:elastic-testkit_2.13 (>=0.102.0 <=0.110.0), org.elasticsearch.test:framework (>=9.0.0 <=9.0.7) +3 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=9.0.0-beta1 <=9.0.7)

org.elasticsearch:elasticsearch MAVEN version =9.0.0-beta1, =0.102.0, =9.0.0, =9.0.0, =1.7.es904.0, =9.0.0, =9.0.3 Source cves: CVE-2025-37727 Source advisory: OSV:GHSA-56R7-H6MW-RCFV...

5.7CVSS5.7AI score0.00225EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/10 10:41 a.m.7 views

com.farcsal.dql:query-es (=0.8.0), com.github.ben-manes.caffeine:simulator (>=3.0.4 <=3.0.5) +14 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=8.0.0-alpha1 <=8.18.7)

org.elasticsearch:elasticsearch MAVEN version =8.0.0-alpha1, =3.0.4, =1.2.0, =0.83.0, =7.23.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.10.0, =1.6.es801.0, =1.7.es8184.0 and more Source cves: CVE-2025-37727 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-13517507...

5.7CVSS5.8AI score0.00225EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/10 10:41 a.m.7 views

org.elasticsearch.test:framework (>=9.1.0 <=9.1.10), org.elasticsearch.test:yaml-rest-runner (>=9.1.0 <=9.1.10) +1 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=9.1.0 <=9.1.4)

org.elasticsearch:elasticsearch MAVEN version =9.1.0, =9.1.0, =9.1.0, =9.1.2, =9.1.4 Source cves: CVE-2025-37727 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-13517507...

5.7CVSS5.8AI score0.00225EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/10 10:41 a.m.6 views

ai.ylyue:yue-library-data-es (>=j8.2.2.0 <=j11.2.2.0), ca.bc.gov.tno:elastic (>=0.0.1-alpha <=0.0.5-alpha) +106 more potentially affected by CVE-2025-37727 via org.elasticsearch.plugin:reindex-client (>=7.0.0-alpha1 <=7.9.3)

org.elasticsearch.plugin:reindex-client MAVEN version =7.0.0-alpha1, =j8.2.2.0, =0.0.1-alpha, =2.1.0.M8, =2.1.0.M8, =1.4.1, =1.4.0, =2.0.5, =7.0.0, =1.1.0, =5.0.3.7.4, =5.0.3.6, =0.0.1, =1.0.2, =1.0.3 - com.cherokeesoft.fias:Fias =1.0.1 and more Source cves: CVE-2025-37727 Source advisory:...

5.7CVSS5.8AI score0.00225EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2025/10/10 10:41 a.m.9 views

org.elasticsearch.test:framework (>=8.19.0 <=8.19.16), org.elasticsearch.test:yaml-rest-runner (>=8.19.0 <=8.19.16) +1 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=8.19.0 <=8.19.4)

org.elasticsearch:elasticsearch MAVEN version =8.19.0, =8.19.0, =8.19.0, =8.19.2, =8.19.4 Source cves: CVE-2025-37727 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-13517507...

5.7CVSS5.4AI score0.00225EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2025/10/10 10:15 a.m.3 views

CVE-2025-37727

Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex...

5.7CVSS7.2AI score0.00225EPSS
Exploits0References1
Circl
Circl
added 2025/10/10 10:11 a.m.5 views

CVE-2025-37727

creationtimestamp| type| source ---|---|--- 2025-10-10 10:11:13+00:00| seen| Telegram/gZXqjxalKFyeJv7B16o9KnhN3B9APi538FprDhRtU3BRxaM...

5.7CVSS4.7AI score0.00225EPSS
Exploits0
Cvelist
Cvelist
added 2025/10/10 9:56 a.m.14 views

CVE-2025-37727 Elasticsearch Insertion of sensitive information in log file

Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex...

5.7CVSS0.00225EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/10/10 12:0 a.m.25 views

Elasticsearch 7.0.x <= 7.17.29 / 8.0.x < 8.18.8 / 8.19.x < 8.19.5 / 9.0.x < 9.0.8 / 9.1.x < 9.1.5 (ESA-2025-18)

The version of Elasticsearch installed on the remote host is prior to 8.18.8, 8.19.5, 9.0.8, or 9.1.5. It is, therefore, affected by a vulnerability as referenced in the ESA-2025-18 advisory. - Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality und...

5.7CVSS8.1AI score0.00225EPSS
Exploits0References2
Elastic
Elastic
added 2025/10/06 4:40 p.m.22 views

Elasticsearch 8.18.8, 8.19.5, 9.0.8, 9.1.5 Security Update (ESA-2025-18)

Elasticsearch Insertion of sensitive information in log file ESA-2025-18 Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API Affected Versions: 7.x: All versions from 7.0.0 and u...

5.7CVSS6.7AI score0.00225EPSS
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-37727 Malicious code in undertow-umbrella-scu465-project (npm)

The package undertow-umbrella-scu465-project was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 6:40 p.m.7 views

CVE-2021-37727

A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant IAP versions: 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3...

9CVSS7.4AI score0.02957EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/04/11 12:0 a.m.20 views

Siemens SCALANCE W1750D Command Injection (CVE-2021-37727)

A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant IAP versions: 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3...

9CVSS7.4AI score0.02957EPSS
Exploits0References4
Circl
Circl
added 2021/10/12 6:25 p.m.10 views

CVE-2021-37727

creationtimestamp| type| source ---|---|--- 2021-10-12 18:25:47+00:00| seen| https://t.me/cibsecurity/30421...

9CVSS7AI score0.02957EPSS
Exploits0References1
NVD
NVD
added 2021/10/12 3:15 p.m.24 views

CVE-2021-37727

A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant IAP versions: 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3...

9CVSS0.02957EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2021/10/12 3:15 p.m.2 views

CVE-2021-37727

A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant IAP versions: 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3...

9CVSS5.9AI score0.02957EPSS
Exploits0References3
CVE
CVE
added 2021/10/12 2:8 p.m.67 views

CVE-2021-37727

CVE-2021-37727 describes a remote command injection in HPE Aruba Instant (IAP) CLI/Web UI. Root cause: improper neutralization of special elements used in a command. Impact: unauthenticated remote arbitrary command execution with high risk, as documented (CVSSv3 base 7.2). Affected: Aruba Instant...

9CVSS7.2AI score0.02957EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder