Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

EUVD
EUVDadded 2025/12/19 12:31 a.m.1 views

EUVD-2025-204406

Improper Authorization CWE-285 in Kibana can lead to privilege escalation CAPEC-233 by allowing an authenticated user to change a document's sharing type to "global," even though they do not have permission to do so, making it visible to everyone in the space via a crafted a HTTP request...

4.3CVSS6.3AI score0.00026EPSS
Exploits0References2
Snyk
Snykadded 2025/12/18 10:47 p.m.2 views

Incorrect Authorization

Overview kibana is an open source Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Incorrect Authorization in the sharing endpoint. An attacker can escalate privileges by sending a crafted HTTP request to change a...

5.3CVSS6.7AI score0.00026EPSS
Exploits0References2
Elastic
Elasticadded 2025/12/18 9:28 p.m.10 views

Kibana 8.19.8, 9.1.8, and 9.2.2 Security Update (ESA-2025-38)

Kibana Improper Authorization ESA-2025-38 Improper Authorization CWE-285 in Kibana can lead to privilege escalation CAPEC-233 by allowing an authenticated user to change a document's sharing type to "global," even though they do not have permission to do so, making it visible to everyone in the...

4.3CVSS6.9AI score0.00026EPSS
Exploits0
Drupal
Drupaladded 2024/01/24 12:0 a.m.16 views

Open Social - Moderately critical - Access bypass - SA-CONTRIB-2024-004

Content within Open Social can have different visibilities. It is possible for a user to create public content even when this should not be allowed. This vulnerability is mitigated by the fact that the site must have public visibility disabled on a global level...

7.5CVSS6.8AI score0.00447EPSS
Exploits0References7
Securelist
Securelistadded 2020/08/06 10:0 a.m.129 views

Incident Response Analyst Report 2019

Download full report PDF As an incident response service provider, Kaspersky delivers a global service that results in global visibility of adversaries cyber-incident tactics and techniques used in the wild. In this report, we share our teams conclusions and analysis based on incident responses a...

10CVSS1.1AI score0.94489EPSS
Exploits265
ThreatPost
ThreatPostadded 2019/05/20 8:8 p.m.152 views

Sharing Threat Intelligence: Time for an Overhaul

Most organizations don’t really have a good way of sharing threat-related data outside of their own industry verticals. Sure, there are Information Sharing and Analysis Centers ISACs; i.e. FS-ISACs for the financial-services industry. But the information still tends to stay in industry-specific...

6.9AI score
Exploits0References2
Akamai Blog
Akamai Blogadded 2018/05/17 5:9 p.m.48 views

Learn How Trillions of DNS Requests Help Improve Security

Akamai's global platform is comprised of 240,000 servers in 3,750 locations within 134 countries. Additionally, our platform interacts with 1.3 billion client devices every day and we ingest 2.5 exabytes of data a year. So why are these stats important? The answer is that this visibility provides...

7.1AI score
Exploits0
Rows per page
Query Builder