Lucene search
K

5 matches found

Snyk
Snyk
added 2026/05/22 1:44 p.m.8 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the Boards API when file ownership and access control are not properly validated. An attacker can gain unauthorized access to and download files belonging to other users or teams by...

7.1CVSS5.8AI score0.00149EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/22 1:44 p.m.15 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the Boards API when file ownership and access control are not properly validated. An attacker can gain unauthorized access to and download files belonging to other users or teams by...

7.1CVSS5.8AI score0.00149EPSS
Exploits0References2
Snyk
Snyk
added 2026/01/13 9:49 p.m.4 views

Allocation of Resources Without Limits or Throttling

Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the Fleet module. An attacker can cause excessive consumption of system...

7.1CVSS6.8AI score0.00273EPSS
Exploits0References2
Elastic
Elastic
added 2026/01/13 8:54 p.m.13 views

Kibana 8.19.10, 9.1.10, 9.2.4 Security Update (ESA-2026-05)

External Control of File Name or Path and Server-Side Request Forgery SSRF in Kibana Google Gemini Connector ESA-2026-05 External Control of File Name or Path CWE-73 combined with Server-Side Request Forgery CWE-918 can allow an attacker to cause arbitrary file disclosure through a specially...

8.6CVSS5.7AI score0.00417EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2024-31309

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - HTTP/2 CONTINUATION DoS attack can cause Apache Traffic Server to consume more resources on the server. Version from 8.0.0 through 8.1.9, from 9.0.0 through 9.2...

7.5CVSS7.7AI score0.94615EPSS
Exploits1References2
Rows per page
Query Builder