20 matches found
ai.ylyue:yue-library-data-es (>=j8.2.2.0 <=j11.2.6.2), br.com.simpli:simpli-ws (>=1.2.1 <=2.2.0) +1034 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=7.0.0 <=8.18.7)
org.elasticsearch:elasticsearch MAVEN version =7.0.0, =j8.2.2.0, =1.2.1, =0.0.1-alpha, =5.3.0, =5.6.5, =5.3.0, =5.3.0, =5.3.0, =5.3.0, =6.2.0, =6.8.0, =6.4.0, =5.3.0, =5.3.0, =5.3.0, =5.4.0 and more Source cves: CVE-2025-37727 Source advisory: OSV:GHSA-56R7-H6MW-RCFV...
org.elasticsearch.test:framework (>=8.19.0 <=8.19.16), org.elasticsearch.test:yaml-rest-runner (>=8.19.0 <=8.19.16) +1 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=8.19.0 <=8.19.4)
org.elasticsearch:elasticsearch MAVEN version =8.19.0, =8.19.0, =8.19.0, =8.19.2, =8.19.4 Source cves: CVE-2025-37727 Source advisory: OSV:GHSA-56R7-H6MW-RCFV...
org.elasticsearch.test:framework (>=9.1.0 <=9.1.10), org.elasticsearch.test:yaml-rest-runner (>=9.1.0 <=9.1.10) +1 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=9.1.0 <=9.1.4)
org.elasticsearch:elasticsearch MAVEN version =9.1.0, =9.1.0, =9.1.0, =9.1.2, =9.1.4 Source cves: CVE-2025-37727 Source advisory: OSV:GHSA-56R7-H6MW-RCFV...
net.sc8s:elastic-testkit_2.13 (>=0.102.0 <=0.110.0), org.elasticsearch.test:framework (>=9.0.0 <=9.0.7) +3 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=9.0.0-beta1 <=9.0.7)
org.elasticsearch:elasticsearch MAVEN version =9.0.0-beta1, =0.102.0, =9.0.0, =9.0.0, =1.7.es904.0, =9.0.0, =9.0.3 Source cves: CVE-2025-37727 Source advisory: OSV:GHSA-56R7-H6MW-RCFV...
com.farcsal.dql:query-es (=0.8.0), com.github.ben-manes.caffeine:simulator (>=3.0.4 <=3.0.5) +14 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=8.0.0-alpha1 <=8.18.7)
org.elasticsearch:elasticsearch MAVEN version =8.0.0-alpha1, =3.0.4, =1.2.0, =0.83.0, =7.23.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.0.0, =8.10.0, =1.6.es801.0, =1.7.es8184.0 and more Source cves: CVE-2025-37727 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-13517507...
org.elasticsearch.test:framework (>=9.1.0 <=9.1.10), org.elasticsearch.test:yaml-rest-runner (>=9.1.0 <=9.1.10) +1 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=9.1.0 <=9.1.4)
org.elasticsearch:elasticsearch MAVEN version =9.1.0, =9.1.0, =9.1.0, =9.1.2, =9.1.4 Source cves: CVE-2025-37727 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-13517507...
ai.ylyue:yue-library-data-es (>=j8.2.2.0 <=j11.2.2.0), ca.bc.gov.tno:elastic (>=0.0.1-alpha <=0.0.5-alpha) +106 more potentially affected by CVE-2025-37727 via org.elasticsearch.plugin:reindex-client (>=7.0.0-alpha1 <=7.9.3)
org.elasticsearch.plugin:reindex-client MAVEN version =7.0.0-alpha1, =j8.2.2.0, =0.0.1-alpha, =2.1.0.M8, =2.1.0.M8, =1.4.1, =1.4.0, =2.0.5, =7.0.0, =1.1.0, =5.0.3.7.4, =5.0.3.6, =0.0.1, =1.0.2, =1.0.3 - com.cherokeesoft.fias:Fias =1.0.1 and more Source cves: CVE-2025-37727 Source advisory:...
org.elasticsearch.test:framework (>=8.19.0 <=8.19.16), org.elasticsearch.test:yaml-rest-runner (>=8.19.0 <=8.19.16) +1 more potentially affected by CVE-2025-37727 via org.elasticsearch:elasticsearch (>=8.19.0 <=8.19.4)
org.elasticsearch:elasticsearch MAVEN version =8.19.0, =8.19.0, =8.19.0, =8.19.2, =8.19.4 Source cves: CVE-2025-37727 Source advisory: SNYK:JAVA-ORGELASTICSEARCH-13517507...
CVE-2025-37727
Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex...
CVE-2025-37727
creationtimestamp| type| source ---|---|--- 2025-10-10 10:11:13+00:00| seen| Telegram/gZXqjxalKFyeJv7B16o9KnhN3B9APi538FprDhRtU3BRxaM...
CVE-2025-37727 Elasticsearch Insertion of sensitive information in log file
Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API https://www.elastic.co/docs/api/doc/elasticsearch/operation/operation-reindex...
Elasticsearch 7.0.x <= 7.17.29 / 8.0.x < 8.18.8 / 8.19.x < 8.19.5 / 9.0.x < 9.0.8 / 9.1.x < 9.1.5 (ESA-2025-18)
The version of Elasticsearch installed on the remote host is prior to 8.18.8, 8.19.5, 9.0.8, or 9.1.5. It is, therefore, affected by a vulnerability as referenced in the ESA-2025-18 advisory. - Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality und...
Elasticsearch 8.18.8, 8.19.5, 9.0.8, 9.1.5 Security Update (ESA-2025-18)
Elasticsearch Insertion of sensitive information in log file ESA-2025-18 Insertion of sensitive information in log file in Elasticsearch can lead to loss of confidentiality under specific preconditions when auditing requests to the reindex API Affected Versions: 7.x: All versions from 7.0.0 and u...
MAL-2025-37727 Malicious code in undertow-umbrella-scu465-project (npm)
The package undertow-umbrella-scu465-project was found to contain malicious code...
CVE-2021-37727
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant IAP versions: 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3...
Siemens SCALANCE W1750D Command Injection (CVE-2021-37727)
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant IAP versions: 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3...
CVE-2021-37727
creationtimestamp| type| source ---|---|--- 2021-10-12 18:25:47+00:00| seen| https://t.me/cibsecurity/30421...
CVE-2021-37727
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant IAP versions: 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3...
CVE-2021-37727
A remote arbitrary command execution vulnerability was discovered in HPE Aruba Instant IAP versions: 6.4.x.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x.x: 6.5.4.20 and below; Aruba Instant 8.5.x.x: 8.5.0.12 and below; Aruba Instant 8.6.x.x: 8.6.0.11 and below; Aruba Instant 8.7.x.x: 8.7.1.3...
CVE-2021-37727
CVE-2021-37727 describes a remote command injection in HPE Aruba Instant (IAP) CLI/Web UI. Root cause: improper neutralization of special elements used in a command. Impact: unauthenticated remote arbitrary command execution with high risk, as documented (CVSSv3 base 7.2). Affected: Aruba Instant...