8 matches found
EUVD-2018-15607
Malware in sbrugna...
EUVD-2024-36559
Malicious code in bioql PyPI...
EUVD-2025-13046
Malicious code in bioql PyPI...
CVE-2024-11390
Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser XSS via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices...
CVE-2024-11390
Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser XSS via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices...
BIT-KIBANA-2024-43707 Kibana exposure of sensitive information to an unauthorized actor
An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent policies that could contain sensitive information. The nature of the sensitive information depends on the integrations enabled for the Elastic Agent and their respective versions...
CVE-2024-43707
CVE-2024-43707 describes a Kibana issue where a user who lacks Fleet access can view Elastic Agent policies, potentially exposing sensitive information depending on enabled integrations and Elastic Agent versions. The impact is confidentiality-focused, with the CVSS and sector summaries indicatin...
CVE-2024-23442 Kibana open redirect issue
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL...