10 matches found
EUVD-2017-17394
Malware in sbrugna...
EUVD-2025-6024
Malicious code in bioql PyPI...
EUVD-2021-9298
Malicious code in bioql PyPI...
BIT-KIBANA-2025-25014 Kibana arbitrary code execution via prototype pollution
A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints...
CVE-2025-25016
Unrestricted file upload in Kibana allows an authenticated attacker to compromise software integrity by uploading a crafted malicious file due to insufficient server-side validation...
CVE-2025-25016
CVE-2025-25016: Kibana suffers an Unrestricted File Upload weakness due to insufficient server-side validation, allowing an authenticated attacker to compromise software integrity by uploading a crafted file. Affected versions include Kibana 7.17.x before 7.17.19 and 8.0.x before 8.13.0. The issu...
PT-2025-15643 · Kibana · Kibana
Name of the Vulnerable Software and Affected Versions: Kibana affected versions not specified Description: The issue is related to Prototype Pollution in Kibana, which can lead to code injection via unrestricted file upload combined with path traversal. Recommendations: At the moment, there is no...
BIT-ELK-2025-25015 Kibana arbitrary code execution via prototype pollution
Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted HTTP requests. In Kibana versions = 8.15.0 and 8.17.1, this is exploitable by users with the Viewer role. In Kibana versions 8.17.1 and 8.17.2 , this is only exploitable by users tha...
PT-2025-9909 · Elastic · Kibana
Name of the Vulnerable Software and Affected Versions: Kibana versions 8.15.0 through 8.17.2 Description: The issue is related to a prototype pollution vulnerability in Kibana, which can lead to arbitrary code execution via crafted file uploads and HTTP requests. This vulnerability poses a seriou...
CVE-2021-22142
Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium vulnerabilities to condu...