41 matches found
CVE-2024-24786 vulnerabilities
Vulnerabilities for packages: nri-discovery-kubernetes, zot, crossplane-provider-aws-kms, skaffold, terraform-provider-sendgrid, k8ssandra-operator-fips, prometheus-nats-exporter, kube-logging-operator, dynamic-localpv-provisioner-fips, skopeo, helm, crossplane-provider-aws-sqs, ipfs, cloudflared...
GHSA-XW73-RW38-6VJC vulnerabilities
Vulnerabilities for packages: istio-pilot-discovery, eksctl, pulumi, up, zot, helm-operator, ko-fips, k3d, skaffold, rancher-machine, flux, slsa-verifier, tekton-chains, cri-tools, k3s, skopeo, bom, k8sgpt, crane, chartmuseum, ctop, guac, timoni, kpt, zarf, argo-workflows, falcoctl-fips, helm,...
CVE-2024-24557 vulnerabilities
Vulnerabilities for packages: istio-pilot-discovery, eksctl, pulumi, up, zot, helm-operator, ko-fips, k3d, skaffold, rancher-machine, flux, slsa-verifier, tekton-chains, cri-tools, k3s, skopeo, bom, k8sgpt, crane, chartmuseum, ctop, guac, timoni, kpt, zarf, argo-workflows, falcoctl-fips, helm,...
CVE-2023-31413
Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled...
CVE-2023-31413
Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled...
Authorization
Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled...
CVE-2023-31413
Summary of CVE-2023-31413 (Filebeat httpjson input): A bug in the httpjson input in Filebeat allows the contents of the Authorization or Proxy-Authorization header to be leaked into logs when debug logging is enabled. Affected versions are Filebeat up to 7.17.9 and 8.6.2. The root cause is a logg...
CVE-2023-31413
Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled...
Elastic Filebeat Log Information Disclosure Vulnerability
Elastic Filebeat is a lightweight data probe for forwarding and centralizing log data from Elastic Netherlands. A security vulnerability exists in Elastic Filebeat versions 7.17.9 through 8.6.2. An attacker exploited the vulnerability to cause the contents of the http request Authorization or...
CVE-2023-31413
Filebeat versions through 7.17.9 and 8.6.2 have a flaw in httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled...
Vulnerabilities fixed in Elastic products
Vulnerabilities have been fixed in the Kibana and Filebeat products from Elastic. These vulnerabilities allow an attacker to perform cross-site scripting attacks, read system data such as logs, or execute arbitrary code under user privileges. The vulnerability with attribute CVE-2023-31415 in...
Elastic Stack 8.7.0, 7.17.10 Security Updates
Filebeat Information Exposure ESA-2023-04 A flaw was discovered in the Filebeat httpjson input that allows the http request Authorization or Proxy-Authorization header contents to be leaked in the logs when debug logging is enabled. Affected Versions: All filebeat versions through 7.17.9 and 8.6....
PT-2023-9265 · Elastic +1 · Filebeat +1
Name of the Vulnerable Software and Affected Versions: Filebeat versions through 7.17.9 and 8.6.2 Description: The issue is related to a flaw in the httpjson input of Filebeat, which allows the contents of the http request Authorization or Proxy-Authorization header to be leaked in the logs when...
Grafiki - Threat Hunting Tool About Sysmon And Graphs
Grafiki is a Django project about Sysmon and graphs, for the time being. In my opinion EventViewer, Elastic and even Kibana, are not graphic enough. The current threats are complicated and if attackers think in graphs, defenders also must do it. This is a proof of concept, the code was not debugg...
S1EM - This Project Is A SIEM With SIRP And Threat Intel, All In One
Today, cyber attacks are more numerous and cause damage in companies. Nevertheless, many software products exist to detect cyber threats. The S1EM solution is based on the principle of bringing together the best products in their field, free of charge, and making them quickly interoperable. S1EM ...
IRFuzz - Simple Scanner with Yara Rule
IRFuzz is a simple scanner with yara rules for document archives or any files. Install 1. Prerequisites Linux or OS X Yara: just use the latest release source code, compile and install it or install it via pip install yara-python Yara Rules - You may download yara rules from here or import your...
Dsiem - Security Event Correlation Engine For ELK Stack
Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and full-featured SIEM system. Dsiem provides OSSIM-style correlation for normalized logs/events, perform lookup/query to threat intelligence and vulnerability information sources, and...
Elastic Stack 7.5.0 security update
Metricbeat and Filebeat DSA public key panic ESA-2019-15 A denial of service flaw when parsing malformed DSA public keys was discovered in Go, the language used to implement Beats. If Metricbeat or Filebeat are configured to accept incoming TLS connections with client authentication enabled, a...
RedELK - Easy Deployable Tool For Red Teams Used For Tracking And Alarming About Blue Team Activities As Well As Better Usability In Long Term Operations
Red Team's SIEM - easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for the Red Team in long term operations. Initial public release at BruCON 2018: Video: https://www.youtube.com/watch?v=OjtftdPts4g Presentation slides:...
Red Team’s SIEM: RedELK
Red Team’s SIEM – easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for the Red Team in long term operations. When performing multi-month, multi-C2teamserver and multi-scenario red team operations, you are working with an...