
36 matches found

NVD
added yesterday, 4 views

CVE-2026-49088

Insertion of Sensitive Information into Log File (CWE-532) in Kibana can lead to information disclosure. When the optional application performance monitoring (APM) instrumentation is enabled, sensitive request header values could be recorded in application logs, where they may be accessible to...

CVSS 4.4
Exploits: 0, References: 1
CVE
added yesterday, 6 views

CVE-2026-49088

Insertion of Sensitive Information into Log File (CWE-532) in Kibana can lead to information disclosure. When the optional application performance monitoring (APM) instrumentation is enabled, sensitive request header values could be recorded in application logs, where they may be accessible to...

CVSS 4.4, AI score 5.7
Exploits: 0, References: 1
Cvelist
added last week, 29 views

CVE-2026-53925 Glances: Arbitrary file write and command execution via `secure_popen` redirection and chaining operators in AMP command configuration

Glances is an open-source system cross-platform monitoring tool. From 4.0.8 until 4.5.5, the secure_popen function in glances/secure.py interprets file redirection, | pipe, and && command chaining operators in command strings. These operators are applied without any validation on the target file...

CVSS 7.8, EPSS 0.00184
Exploits: 0, References: 1
RedhatCVE
added 2025/05/22 10:25 a.m., 23 views

CVE-2019-10462

A cross-site request forgery vulnerability in Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified credentials...

CVSS 8.1, AI score 6.6, EPSS 0.007
Exploits: 0, References: 1
Fedora
added 2025/03/28 12:20 a.m., 26 views

[SECURITY] Fedora 42 Update: nodejs-nodemon-3.1.9-4.fc42

Simple monitor script for use during development of a node.js app. For use during development of a node.js based application. nodemon will watch the files in the directory in which nodemon was started, and if any files change, nodemon will automatically restart your node application. nodemon does...

CVSS 7.5, AI score 7.9, EPSS 0.01471
Exploits: 1
CNNVD
added 2024/02/07 12:00 a.m., 4 views

Elastic APM Log Information Disclosure Vulnerability

Elastic APM is a platform for monitoring and analyzing application performance from Elastic Netherlands. A log information disclosure vulnerability exists in Elastic APM Server versions prior to 8.12.1, which stems from a vulnerability that could lead to the insertion of sensitive or private...

CVSS 7.5, AI score 6.1, EPSS 0.00577
Exploits: 0, References: 3
CNNVD
added 2023/11/22 12:00 a.m., 2 views

Elastic APM Security Vulnerability

Elastic APM is a platform for monitoring and analyzing application performance from Elastic Netherlands. A security vulnerability exists in the Elastic APM Java agent. An attacker could exploit the vulnerability to execute code via elevated privilege...

CVSS 7.8, AI score 7.2, EPSS 0.00249
Exploits: 0, References: 3
Malwarebytes
added 2023/02/09 2:00 p.m., 16 views

Introducing Malwarebytes Application Block: How to block unauthorized software from executing on Windows endpoints

Malwarebytes is excited to announce Application Block, a new module for Nebula and OneView for MSPs which helps organizations easily thwart unwanted applications from launching on Windows endpoints. For as many applications out there that help you keep business running as usual, there are just as...

AI score 7.2
Exploits: 0
OSV
added 2022/05/24 4:59 p.m., 15 views

GHSA-6XW9-QQ9H-CR68 Jenkins Dynatrace Plugin vulnerable to Insufficiently Protected Credentials

Jenkins Dynatrace Application Monitoring Plugin prior to 2.1.4 stores credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. NOTE: This plugin is marked as DEPRECATED...

CVSS 7.8, AI score 7.5, EPSS 0.00333
Exploits: 0, References: 4
OSV
added 2022/05/24 4:59 p.m., 18 views

GHSA-X546-XRX3-HJX4 Jenkins Dynatrace Plugin vulnerable to Cross-Site Request Forgery

A cross-site request forgery vulnerability in Jenkins Dynatrace Application Monitoring Plugin prior to 2.1.4 allows attackers to connect to an attacker-specified URL using attacker-specified credentials. NOTE: This plugin is marked as DEPRECATED...

CVSS 8.1, AI score 8, EPSS 0.007
Exploits: 0, References: 5
Imperva Blog
added 2021/07/04 6:45 a.m., 161 views

Compliance When Migrating to the Cloud: SQL Server Running on Azure vs. On-Premise

In the age of the data era, where data storage is increasing at an exponential rate and access to information is getting easier and faster, data security is a major concern. There are many cases where we can’t prevent people from accessing data, but we can track and investigate suspicious...

AI score 7.3
Exploits: 0
CNVD
added 2021/02/07 12:00 a.m., 6 views

Micro Focus Application Performance Management Cross-Site Request Forgery Vulnerability

Micro Focus Application Performance Management is an application monitoring and management solution that lets you isolate any problems with all your applications - on-premise, cloud and mobile - in real time. A cross-site request forgery vulnerability exists in Micro Focus Application Performance...

CVSS 6.5, AI score 6.7, EPSS 0.00478
Exploits: 0, References: 1
CNVD
added 2021/02/07 12:00 a.m., 8 views

Micro Focus Application Performance Management Cross-Site Scripting Vulnerability

Micro Focus Application Performance Management is an application monitoring and management solution that lets you isolate any problems with all your applications - on-premise, cloud and mobile - in real time. A cross-site scripting vulnerability exists in Micro Focus Application Performance...

CVSS 4.8, AI score 6.1, EPSS 0.00612
Exploits: 0, References: 1
CNNVD
added 2020/12/15 12:00 a.m., 5 views

Docker Access Control Error Vulnerability

Docker is an open source application container engine from the American company Docker. It supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment and upgrade of applications through...

CVSS 10, AI score 7.3, EPSS 0.02054
Exploits: 0, References: 2
Rapid7 Blog
added 2020/11/05 1:02 p.m., 26 views

tCell by Rapid7 Now Available for the European Region

Today, we are excited to announce tCell by Rapid7, our next-gen WAF and RASP solution, is now available in the Rapid7 Insight cloud’s European region. Multi-national or European organizations with data sovereignty requirements can now leverage tCell to reduce the risk of a breach via hacking of...

Exploits: 0
NVD
added 2019/10/23 1:15 p.m., 45 views

CVE-2019-10462

A cross-site request forgery vulnerability in Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified credentials...

CVSS 8.1, AI score 8, EPSS 0.007
Exploits: 0, References: 2
OSV
added 2019/10/23 1:15 p.m., 17 views

CVE-2019-10462

A cross-site request forgery vulnerability in Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified credentials...

CVSS 8.1, AI score 6.9
Exploits: 0, References: 2
Prion
added 2019/10/23 1:15 p.m., 17 views

Design/Logic Flaw

Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system...

CVSS 2.1, AI score 7.5, EPSS 0.00333
Exploits: 0, References: 2, Affected Software: 1
Prion
added 2019/10/23 1:15 p.m., 35 views

Cross-site request forgery (CSRF)

A cross-site request forgery vulnerability in Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier allowed attackers to connect to an attacker-specified URL using attacker-specified credentials...

CVSS 6.8, AI score 7.9, EPSS 0.007
Exploits: 0, References: 2, Affected Software: 1
Prion
added 2019/10/23 1:15 p.m., 13 views

Design/Logic Flaw

A missing permission check in Jenkins Dynatrace Application Monitoring Plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...

CVSS 4, AI score 6.3, EPSS 0.00836
Exploits: 0, References: 2, Affected Software: 1