Lucene search
+L

10 matches found

euvd
euvd
added 2025/10/07 12:30 a.m.11 views

EUVD-2017-17394

Malware in sbrugna...

6.5CVSS6.4AI score0.01104EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-6024

Malicious code in bioql PyPI...

9.9CVSS9.2AI score0.01248EPSS
Exploits0References3
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-9298

Malicious code in bioql PyPI...

4.3CVSS4.8AI score0.00704EPSS
Exploits0References2
osv
osv
added 2025/05/08 5:41 a.m.10 views

BIT-KIBANA-2025-25014 Kibana arbitrary code execution via prototype pollution

A Prototype pollution vulnerability in Kibana leads to arbitrary code execution via crafted HTTP requests to machine learning and reporting endpoints...

9.8CVSS9.4AI score0.15174EPSS
Exploits2References2
nvd
nvd
added 2025/05/01 2:15 p.m.8 views

CVE-2025-25016

Unrestricted file upload in Kibana allows an authenticated attacker to compromise software integrity by uploading a crafted malicious file due to insufficient server-side validation...

4.3CVSS0.00274EPSS
Exploits0References1
cve
cve
added 2025/05/01 1:9 p.m.62 views

CVE-2025-25016

CVE-2025-25016: Kibana suffers an Unrestricted File Upload weakness due to insufficient server-side validation, allowing an authenticated attacker to compromise software integrity by uploading a crafted file. Affected versions include Kibana 7.17.x before 7.17.19 and 8.0.x before 8.13.0. The issu...

4.3CVSS4.5AI score0.00274EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2025/04/08 12:0 a.m.6 views

PT-2025-15643 · Kibana · Kibana

Name of the Vulnerable Software and Affected Versions: Kibana affected versions not specified Description: The issue is related to Prototype Pollution in Kibana, which can lead to code injection via unrestricted file upload combined with path traversal. Recommendations: At the moment, there is no...

8.7CVSS6.5AI score0.00466EPSS
Exploits0References14
osv
osv
added 2025/03/07 8:52 p.m.22 views

BIT-ELK-2025-25015 Kibana arbitrary code execution via prototype pollution

Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted HTTP requests. In Kibana versions = 8.15.0 and 8.17.1, this is exploitable by users with the Viewer role. In Kibana versions 8.17.1 and 8.17.2 , this is only exploitable by users tha...

9.9CVSS9.6AI score0.01248EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/03/06 12:0 a.m.3 views

PT-2025-9909 · Elastic · Kibana

Name of the Vulnerable Software and Affected Versions: Kibana versions 8.15.0 through 8.17.2 Description: The issue is related to a prototype pollution vulnerability in Kibana, which can lead to arbitrary code execution via crafted file uploads and HTTP requests. This vulnerability poses a seriou...

4.3CVSS9.4AI score0.00399EPSS
Exploits0References43
osv
osv
added 2023/11/22 1:15 a.m.9 views

CVE-2021-22142

Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium vulnerabilities to condu...

8.8CVSS6.7AI score
Exploits0References2
Rows per page
Query Builder