Lucene search
+L

107 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in test-mlw2-boule-beats (npm)

The package test-mlw2-boule-beats was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.3 views

MAL-2025-34997 Malicious code in test-mlw2-boule-beats (npm)

The package test-mlw2-boule-beats was found to contain malicious code...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.2 views

Elastic Beats Filebeat Installed (Windows)

Binary data elasticbeatsfilebeatwininstalled.nbin...

7.3AI score
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/08 12:0 a.m.5 views

Elastic Beats filebeat < 9.1.0 Privilege Escalation

The version of Elastic Beats filebeat installed on the remote host is prior to 9.1.0. It is, therefore, affected by a vulnerability. An uncontrolled search path element vulnerability can lead to local privilege Escalation LPE via Insecure Directory Permissions. The vulnerability arises from...

7CVSS5.8AI score0.00138EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/30 12:0 a.m.7 views

The vulnerability of the agent installer for data collection and delivery in Elasticsearch or Logstash Elastic Beats allows a perpetrator to enhance their privileges.

The vulnerability of the agent installer for data collection and delivery in Elasticsearch or Logstash Elastic Beats is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

7CVSS5.5AI score0.00138EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/07/30 12:0 a.m.10 views

The vulnerability of the agent installer for data collection and delivery in Elasticsearch or Logstash Elastic Beats allows a perpetrator to enhance their privileges.

The vulnerability of the agent installer for data collection and delivery in Elasticsearch or Logstash Elastic Beats is related to an uncontrolled element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

7CVSS5.5AI score0.00132EPSS
Exploits0References2Affected Software1
Elastic
Elastic
added 2025/07/29 11:32 p.m.10 views

Beats (Windows Installer) 8.18.6, 8.19.3, 9.0.6, & 9.1.0 Security Update (ESA-2025-12)

Beats Uncontrolled Search Path Element can lead to Local Privilege Escalation LPE when using the Windows Installer ESA-2025-12 An uncontrolled search path element vulnerability can lead to local privilege Escalation LPE via Insecure Directory Permissions. The vulnerability arises from improper...

7CVSS5.7AI score0.00138EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 9:23 a.m.6 views

CVE-2024-27867

An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in...

4.3CVSS6.4AI score0.00832EPSS
Exploits0References1
Snyk
Snyk
added 2025/05/01 1:44 p.m.5 views

Inclusion of Functionality from Untrusted Control Sphere

Overview github.com/elastic/beats/v7 is a the Lightweight shippers for Elasticsearch & Logstash. Affected versions of this package are vulnerable to Inclusion of Functionality from Untrusted Control Sphere via parameter injection in the osqueryd subprocess. Note: This is only exploitable if the...

7.8CVSS7.3AI score0.00168EPSS
Exploits0References2
Snyk
Snyk
added 2025/05/01 1:44 p.m.8 views

Inclusion of Functionality from Untrusted Control Sphere

Overview github.com/elastic/beats is a the Lightweight shippers for Elasticsearch & Logstash. Affected versions of this package are vulnerable to Inclusion of Functionality from Untrusted Control Sphere via parameter injection in the osqueryd subprocess. Note: This is only exploitable if the...

7.8CVSS7.3AI score0.00168EPSS
Exploits0References2
Chainguard
Chainguard
added 2025/03/13 10:12 a.m.12 views

GHSA-M9Q8-9M2H-84GH vulnerabilities

Vulnerabilities for packages: beats, beats-fips...

5.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/06/26 9:36 a.m.74 views

Apple Patches AirPods Bluetooth Vulnerability That Could Allow Eavesdropping

Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones in an unauthorized manner. Tracked as CVE-2024-27867, the authentication issue affects AirPods 2nd generation and later, AirPods Pro all models, AirPods Max, Powerbeats Pro, and...

6.7AI score0.01128EPSS
Exploits0
NVD
NVD
added 2024/06/26 4:15 a.m.103 views

CVE-2024-27867

An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in...

4.3CVSS0.00832EPSS
Exploits0References4
OSV
OSV
added 2024/06/26 4:15 a.m.4 views

CVE-2024-27867

An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in...

4.3CVSS5.8AI score0.00832EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/06/26 3:12 a.m.33 views

CVE-2024-27867

An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in...

6.3AI score0.00832EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/26 3:12 a.m.41 views

CVE-2024-27867

An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in...

0.00832EPSS
Exploits0References1
CVE
CVE
added 2024/06/26 3:12 a.m.128 views

CVE-2024-27867

Summary of CVE-2024-27867 (AirPods/Beats) : An authentication issue arises when headphones seek a connection request to a previously paired device, allowing a nearby attacker (Bluetooth range) to spoof the source device and gain access. Root cause per Apple advisory: improved state management fix...

4.3CVSS6.3AI score0.00832EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/06/26 12:0 a.m.10 views

PT-2024-22092

Name of the Vulnerable Software and Affected Versions AirPods versions prior to Firmware Update 6A326 AirPods versions prior to Firmware Update 6F8 Beats versions prior to Firmware Update 6F8 AirPods 2nd generation and later AirPods Pro all models AirPods Max Powerbeats Pro Beats Fit Pro...

4.3CVSS7AI score0.00832EPSS
Exploits0References30
OSV
OSV
added 2024/01/03 4:11 p.m.24 views

GO-2023-2413 Sensitive information logged in github.com/elastic/beats/v7

Sensitive information logged in github.com/elastic/beats/v7...

6.8CVSS6.4AI score0.00589EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2023/12/12 9:31 p.m.37 views

Elastic Beats inserts sensitive information into log file

An issue was discovered by Elastic whereby Beats and Elastic Agent would log a raw event in its own logs at the WARN or ERROR level if ingesting that event to Elasticsearch failed with any 4xx HTTP status code except 409 or 429. Depending on the nature of the event that Beats or Elastic Agent...

6.8CVSS6.7AI score0.00589EPSS
Exploits0References4Affected Software2
Rows per page
Query Builder