Lucene search
K

46 matches found

NVD
NVD
added 2024/06/13 5:15 p.m.18 views

CVE-2024-37279

A flaw was discovered in Kibana, allowing view-only users of alerting to use the runsoon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries...

4.3CVSS0.00372EPSS
Exploits0References1
OSV
OSV
added 2024/03/06 10:54 a.m.35 views

BIT-ELASTICSEARCH-2020-7020

Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documen...

3.5CVSS3.6AI score0.00999EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 4:2 a.m.3 views

SUSE CVE-2020-7020

Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documen...

3.5CVSS6.7AI score0.00999EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2022/07/07 2:19 p.m.2 views

elasticsearch: not properly preserving security permissions when executing complex queries may lead to information disclosure

Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documen...

3.5CVSS5.8AI score0.00999EPSS
Exploits0References6
OSV
OSV
added 2021/03/18 7:27 p.m.5 views

GHSA-G9FW-9X87-RMRJ Privilege Context Switching Error in Elasticsearch

Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documen...

3.1CVSS6.6AI score0.00999EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2020/10/30 9:56 a.m.37 views

CVE-2020-7020

Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documen...

3.5CVSS2.8AI score0.00999EPSS
Exploits0References5
CNVD
CNVD
added 2020/10/25 12:0 a.m.10 views

Elasticsearch Information Disclosure Vulnerability (CNVD-2020-60336)

Elasticsearch is the Netherlands Elasticsearch company's set of open source distributed RESTful search engine built on Lucene . The product is mainly used in cloud computing , and supports data indexing via HTTP using JSON. security is one of the data protection components. An information...

3.5CVSS6.4AI score0.00999EPSS
Exploits0References1
Prion
Prion
added 2020/10/22 5:15 p.m.27 views

Design/Logic Flaw

Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documen...

3.5CVSS3.8AI score0.00999EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2020/10/22 5:15 p.m.2 views

UBUNTU-CVE-2020-7020

Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documen...

3.1CVSS6.5AI score0.00999EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/10/22 4:30 p.m.37 views

CVE-2020-7020

Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used. Search queries do not properly preserve security permissions when executing certain complex queries. This could result in the search disclosing the existence of documen...

3.8AI score0.00999EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2020/10/22 12:0 a.m.6 views

PT-2020-19345 · Elastic · Elasticsearch

Name of the Vulnerable Software and Affected Versions: Elasticsearch versions prior to 6.8.13 Elasticsearch versions prior to 7.9.2 Description: The issue is related to a document disclosure flaw when Document or Field Level Security is used in Elasticsearch. Search queries do not properly preser...

3.5CVSS4.6AI score0.00999EPSS
Exploits0References13
Veracode
Veracode
added 2019/12/17 3:16 a.m.20 views

Authorization Bypass

apache-superset is vulnerable to authorization bypass. A malicious user is able bypass access controls to retrieve restricted metadata information of the database using complex queries...

5.3CVSS4AI score0.02779EPSS
Exploits0References1Affected Software1
Fedora
Fedora
added 2019/12/01 1:4 a.m.48 views

[SECURITY] Fedora 30 Update: phpMyAdmin-4.9.2-1.fc30

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

9.8CVSS1.3AI score0.02579EPSS
Exploits0
Fedora
Fedora
added 2019/12/01 12:46 a.m.34 views

[SECURITY] Fedora 31 Update: phpMyAdmin-4.9.2-1.fc31

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

9.8CVSS1.3AI score0.02579EPSS
Exploits0
Fedora
Fedora
added 2016/06/05 2:52 a.m.33 views

[SECURITY] Fedora 22 Update: phpMyAdmin-4.6.2-1.fc22

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

6.1CVSS1.3AI score0.01992EPSS
Exploits0
Fedora
Fedora
added 2016/06/01 8:23 p.m.39 views

[SECURITY] Fedora 23 Update: phpMyAdmin-4.6.2-1.fc23

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

6.1CVSS1.3AI score0.01992EPSS
Exploits0
Fedora
Fedora
added 2016/02/01 6:34 a.m.24 views

[SECURITY] Fedora 22 Update: phpMyAdmin-4.5.4-1.fc22

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

7.5CVSS1.3AI score0.02688EPSS
Exploits0
Fedora
Fedora
added 2014/09/25 10:40 a.m.25 views

[SECURITY] Fedora 19 Update: phpMyAdmin-4.2.8.1-2.fc19

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

4.3CVSS1.3AI score0.01862EPSS
Exploits0
Fedora
Fedora
added 2014/09/23 4:32 a.m.31 views

[SECURITY] Fedora 21 Update: phpMyAdmin-4.2.8.1-2.fc21

phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface managing databases, tables, fields, relations, index es, users, permissions, while you still have the ability to directly...

4.3CVSS1.3AI score0.01862EPSS
Exploits0
OpenVAS
OpenVAS
added 2013/11/18 12:0 a.m.11 views

Fedora Update for phpMyAdmin FEDORA-2013-18802

Check for the Version of phpMyAdmin OpenVAS Vulnerability Test Fedora Update for phpMyAdmin FEDORA-2013-18802 Authors: System Generated Check Copyright: Copyright C 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

7.4AI score
Exploits0References2
Rows per page
Query Builder