Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2026/05/13 2:21 p.m.9 views

CVE-2026-31215

The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion vulnerability in its ElasticSearch service interface. The DELETE /indexname/documents endpoint lacks proper authentication and authorization controls and does not validate the user-supplied pathorurl parameter...

9.1CVSS5.9AI score0.00413EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 12:0 a.m.17 views

CVE-2026-31215

The CVE-2026-31215 issue affects Nexent v1.7.5.2, where the ElasticSearch service interface exposes an unauthorized DELETE /{index_name}/documents endpoint. The vulnerability arises from missing authentication/authorization and lack of validation for the path_or_url parameter, enabling unauthenti...

9.1CVSS5.9AI score0.00413EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2021-10115

Malware in sbrugna...

7.5CVSS7.5AI score0.01075EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/07 12:0 a.m.5 views

PT-2025-41175

Name of the Vulnerable Software and Affected Versions Nagios Log Server versions prior to 2024R1.3.2 Description Nagios Log Server before version 2024R1.3.2 allows authenticated users with read-only API access to stop the Elasticsearch service. This is achieved by making a call to the...

8.5CVSS6.4AI score0.02672EPSS
Exploits1References11
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-29734

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.00189EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/17 12:0 a.m.5 views

CISA Thorium 安全漏洞

CISA Thorium is a highly scalable distributed malware analysis and data generation framework from the U.S. Cybersecurity and Infrastructure Security Administration CISA government division. A security vulnerability exists in CISA Thorium versions prior to 1.1.2 that stems from unvalidated TLS...

9.8CVSS6.5AI score0.00189EPSS
Exploits0References4
Rows per page
Query Builder