Lucene search
K

10 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:33 p.m.8 views

CVE-2023-31415

Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...

9.9CVSS7.8AI score0.00957EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-35726

Malicious code in bioql PyPI...

9.9CVSS8.5AI score0.00957EPSS
Exploits0References2
Veracode
Veracode
added 2023/05/16 2:13 a.m.29 views

Arbitrary Code Execution

kibana is vulnerable to Arbitrary Code Execution. A remote authenticated attacker with the ability to modify the Kibana yaml or env configuration is able to execute malicious code on the host system via a malicious configuration payload trough the Uptime/Synthetics feature...

8.8CVSS7.2AI score0.00957EPSS
Exploits0References8Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/05/12 12:0 a.m.134 views

Elastic Kibana < 8.7.1 Arbitrary Code Execution

The Elastic Kibana software on the remote host is missing a security update. It is, therefore, affected by multiple arbitrary code execution vulnerabilities: - An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This...

9.9CVSS8.8AI score0.00957EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/05/06 2:0 a.m.3 views

SUSE CVE-2023-31415

Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...

9.9CVSS8.1AI score0.00957EPSS
Exploits0References3
NVD
NVD
added 2023/05/04 9:15 p.m.26 views

CVE-2023-31415

Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...

9.9CVSS9AI score0.00957EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/05/04 12:0 a.m.36 views

CVE-2023-31415

Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...

9.2AI score0.00957EPSS
Exploits0References2
OSV
OSV
added 2023/05/04 12:0 a.m.23 views

CVE-2023-31415

Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...

9.9CVSS8.1AI score0.00957EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/05/04 12:0 a.m.2 views

PT-2023-23308

Name of the Vulnerable Software and Affected Versions Kibana version 8.7.0 Description The issue is an arbitrary code execution flaw. An attacker with all privileges to the Uptime/Synthetics feature could send a request to execute JavaScript code, potentially leading to the execution of arbitrary...

9.9CVSS7.8AI score0.00957EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2023/05/04 12:0 a.m.9 views

CVE-2023-31415

Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...

9AI score0.00957EPSS
Exploits0References2
Rows per page
Query Builder