Lucene search
+L

108 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:15 a.m.5 views

SUSE CVE-2019-7620

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop responding...

7.5CVSS5.8AI score0.0208EPSS
Exploits0References3
Openbugbounty
Openbugbounty
added 2022/12/21 9:42 p.m.16 views

beats-boogies.nl Cross Site Scripting vulnerability OBB-3113479

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/10/27 10:15 a.m.93 views

Apple iOS and macOS Flaw Could've Let Apps Eavesdrop on Your Conversations with Siri

A now-patched security flaw in Apple's iOS and macOS operating systems could have potentially enabled apps with Bluetooth access to eavesdrop on conversations with Siri. Apple said "an app may be able to record audio using a pair of connected AirPods," adding it addressed the Core Bluetooth issue...

0.6AI score0.01136EPSS
Exploits0
Chainguard
Chainguard
added 2022/02/15 1:57 a.m.6 views

GHSA-QRRC-WW9X-R43G vulnerabilities

Vulnerabilities for packages: beats, beats-fips...

5.3AI score
Exploits0
OSV
OSV
added 2022/02/15 1:57 a.m.26 views

GO-2022-0643 Denial of service in github.com/elastic/beats

A local attacker can cause a panic if they are able to send arbitrary traffic to a monitored port, due to an out of bounds read...

7.5CVSS7.4AI score0.01436EPSS
Exploits0References2
Elastic
Elastic
added 2020/12/09 4:24 p.m.7 views

Beats 7.10.1 Security Update

Beats Denial of Service issue ESA-2020-16 A denial of service flaw when parsing malformed TLS public keys was discovered in Go, the language used to implement Beats. If Beats is configured to listen for Syslog over TLS, or if Beats is making outbound connections over HTTPS, a remote attacker coul...

7.5CVSS5.1AI score0.03813EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2020/09/27 4:34 p.m.26 views

Security Bulletin: A Security Vulnerability affects IBM Cloud Private - Logstash (CVE-2019-7620)

Summary A security vulnerability affects IBM Cloud Private Vulnerability Details CVEID: CVE-2019-7620 DESCRIPTION: Elastic Logstash is vulnerable to a denial of service, caused by a flaw in the Beats input plugin. By sending a specially-crafted network packet, a remote attacker could exploit this...

7.5CVSS0.4AI score0.0208EPSS
Exploits0Affected Software1
Chainguard
Chainguard
added 2020/06/02 2:15 p.m.9 views

CVE-2020-13401 vulnerabilities

Vulnerabilities for packages: beats, beats-fips...

6CVSS6.8AI score0.02839EPSS
Exploits0
OpenVAS
OpenVAS
added 2019/11/05 12:0 a.m.54 views

Elastic Logstash Beats Input Plugin DoS Vulnerability (ESA-2019-14)

Elastic Logstash is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS6.7AI score0.0208EPSS
Exploits0References2
Veracode
Veracode
added 2019/11/01 7:20 a.m.10 views

Denial Of Service (DoS)

logstash-input-beats is vulnerable to denial of service. The attack is due to a lack of proper handling of invalid compressed content, allowing an attacker to provide malicious compressed content to trigger the attack...

3.3AI score
Exploits0
Veracode
Veracode
added 2019/11/01 6:54 a.m.29 views

Denial Of Service(DoS)

Logstash is vulnerable to denial of service DoS. When an unauthenticated user is using Beats input plugin with Logstash and is able to connect to the port the Logstash beats input, malicious network packets sent by user could result in nonresponsiveness...

7.5CVSS2.6AI score0.0208EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2019/10/30 2:15 p.m.36 views

CVE-2019-7620

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop responding...

7.5CVSS7.7AI score0.0208EPSS
Exploits0References3
Prion
Prion
added 2019/10/30 2:15 p.m.21 views

Design/Logic Flaw

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop responding...

5CVSS7.3AI score0.0208EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2019/10/30 1:38 p.m.79 views

CVE-2019-7620

CVE-2019-7620 is a DoS in Elastic Logstash Beats input caused by processing specially crafted network packets. Affected releases include Logstash before 7.4.1 and 6.8.4. Remediation, where available in the connected docs, is to apply the security updates/fixes (e.g., Logstash patch versions 7.4.1...

7.5CVSS7.2AI score0.0208EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2019/10/30 1:38 p.m.51 views

CVE-2019-7620

Logstash versions before 7.4.1 and 6.8.4 contain a denial of service flaw in the Logstash Beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop responding...

7.3AI score0.0208EPSS
Exploits0References3
Elastic
Elastic
added 2019/10/23 4:7 p.m.11 views

Elastic Stack 7.4.1 security update

Logstash Beats input denial of service flaw ESA-2019-14 A denial of service flaw was found in the Logstash beats input plugin. An unauthenticated user who is able to connect to the port the Logstash beats input could send a specially crafted network packet that would cause Logstash to stop...

7.5CVSS6.7AI score0.0208EPSS
Exploits0
Elastic
Elastic
added 2019/10/23 4:2 p.m.13 views

Elastic Stack 6.8.4 security update

Elasticsearch username disclosure flaw ESA-2019-13 A username disclosure flaw was found in Elasticsearch’s API Key service. An unauthenticated attacker could send a specially crafted request and determine if a username exists in the Elasticsearch native realm. Affected Versions The following...

7.5CVSS6.5AI score0.02429EPSS
Exploits0
Imperva Blog
Imperva Blog
added 2019/03/21 3:53 p.m.71 views

Imperva Cloud WAF and Graylog, Part II: How to Collect and Ingest SIEM Logs

This guide gives step-by-step guidance on how to collect and parse Imperva Cloud Web Application Firewall WAF, formerly Incapsula logs into the Graylog SIEM tool. Read Part I to learn how to set up a Graylog server in AWS and integrate with Imperva Cloud WAF. This guide assumes: You have a clean...

0.1AI score
Exploits0
Chainguard
Chainguard
added 2019/01/12 2:29 a.m.5 views

CVE-2018-20699 vulnerabilities

Vulnerabilities for packages: beats, beats-fips...

4.9CVSS5.6AI score0.02231EPSS
Exploits0
OSV
OSV
added 2018/03/05 7:29 a.m.6 views

CVE-2018-7665

An issue was discovered in ClipBucket before 4.0.0 Release 4902. A malicious file can be uploaded via the name parameter to actions/beatsuploader.php or actions/photouploader.php, or the coverPhoto parameter to editaccount.php...

9.8CVSS5.8AI score0.16173EPSS
Exploits2References2
Rows per page
Query Builder