CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-0610

Malware in sbrugna...

4.8CVSS6AI score0.00411EPSS

Exploits0References9

Tenable Nessus•added 2025/09/02 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2021-22132

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store t...

4.8CVSS6.5AI score0.00411EPSS

Exploits0References2

OSV•added 2024/11/22 7:58 p.m.•3 views

CVE-2024-53253 Sentry's improper error handling leaks Application Integration Client Secret

Sentry is an error tracking and performance monitoring platform. Version 24.11.0, and only version 24.11.0, is vulnerable to a scenario where a specific error message generated by the Sentry platform could include a plaintext Client ID and Client Secret for an application integration. The Client ...

5.3CVSS6.6AI score0.00278EPSS

Exploits0References5

OSV•added 2024/03/06 10:54 a.m.•18 views

BIT-ELASTICSEARCH-2021-22132

Elasticsearch versions 7.7.0 to 7.10.1 contain an information disclosure flaw in the async search API. Users who execute an async search will improperly store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive request headers of other users in...

4.8CVSS4.8AI score0.00411EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 3:46 a.m.•2 views

SUSE CVE-2021-22132

4.8CVSS7.6AI score0.00411EPSS

Exploits0References3

RedHat Linux•added 2022/09/09 7:12 a.m.•0 views

elasticsearch: executing async search improperly stores HTTP headers leading to information disclosure

4.8CVSS7.2AI score0.00411EPSS

Exploits0References5

RedHat Linux•added 2022/07/19 1:40 p.m.•1 views

elasticsearch: executing async search improperly stores HTTP headers leading to information disclosure

4.8CVSS7.2AI score0.00411EPSS

Exploits0References5

Veracode•added 2021/03/19 5:35 a.m.•29 views

Information Disclosure

x-pack-core is vulnerable to an information disclosure. Sensitive request headers of other users in the cluster are exposed to a user with the ability to read the .tasks index due to a flawed implementation of async search API which allows users executing an async search to store the HTTP headers...

4.8CVSS1.9AI score0.00411EPSS

Exploits0References5Affected Software1

OSV•added 2021/03/18 7:27 p.m.•0 views

GHSA-5FVX-2JJ3-6MFF Insufficiently Protected Credentials in Elasticsearch

4.8CVSS7.2AI score0.00411EPSS

Exploits0References4

RedhatCVE•added 2021/02/01 3:13 p.m.•28 views

CVE-2021-22132

4.8CVSS0.9AI score0.00411EPSS

Exploits0References4

OpenVAS•added 2021/01/25 12:0 a.m.•31 views

Elastic Elasticsearch Information Disclosure Vulnerability (ESA-2021-01)

Elasticsearch is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

4.8CVSS5.1AI score0.00411EPSS

Exploits0References2

NVD•added 2021/01/14 8:15 p.m.•16 views

CVE-2021-22132

4.8CVSS4.7AI score0.00411EPSS

Exploits0References3

OSV•added 2021/01/14 8:15 p.m.•16 views

CVE-2021-22132

4.8CVSS5.9AI score

Exploits0References3

OSV•added 2021/01/14 8:15 p.m.•0 views

UBUNTU-CVE-2021-22132

4.8CVSS6.6AI score0.00411EPSS

Exploits0References3

Prion•added 2021/01/14 8:15 p.m.•21 views

Information disclosure

2.1CVSS4.8AI score0.00411EPSS

Exploits0References3Affected Software2

UbuntuCve•added 2021/01/14 8:15 p.m.•26 views

CVE-2021-22132

4.8CVSS6.8AI score0.00411EPSS

Exploits0References2

Cvelist•added 2021/01/14 7:20 p.m.•27 views

CVE-2021-22132

5.2AI score0.00411EPSS

Exploits0References3

CVE•added 2021/01/14 7:20 p.m.•173 views

CVE-2021-22132

Elasticsearch 7.7.0–7.10.1 exposes an information-disclosure flaw in the async search API: executed async searches cause HTTP headers to be stored, potentially allowing a user who can read the .tasks index to obtain other users’ sensitive request headers. The issue is fixed in Elasticsearch 7.10....

4.8CVSS4.7AI score0.00411EPSS

Exploits0References3Affected Software1

Elastic•added 2021/01/14 6:9 p.m.•4 views

Elasticsearch 7.10.2 Security Update

Elasticsearch authorization-header storage issue ESA-2021-01 An information disclosure flaw was found in the Elasticsearch async search API. Users who execute an async search will store the HTTP headers. An Elasticsearch user with the ability to read the .tasks index could obtain sensitive reques...

4.8CVSS7AI score0.00411EPSS

Exploits0

Positive Technologies•added 2021/01/14 12:0 a.m.•1 views

PT-2021-14860 · Elastic · Elasticsearch

Name of the Vulnerable Software and Affected Versions: Elasticsearch versions 7.7.0 through 7.10.1 Description: The issue is an information disclosure flaw in the async search API. When an async search is executed, HTTP headers are improperly stored. An Elasticsearch user with read access to the...

4.8CVSS4.8AI score0.00411EPSS

Exploits0References12

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by