Lucene search
K

7 matches found

OSV
OSV
added 2025/12/20 11:36 a.m.10 views

BIT-ELASTICSEARCH-2025-68390 Elasticsearch Allocation of Resources Without Limits or Throttling

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation CAPEC-130 of memory and a denial of service DoS via crafted HTTP request...

4.9CVSS6.6AI score0.00329EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/19 12:31 a.m.5 views

EUVD-2025-204407

Elasticsearch privileged authenticated users can cause DoS through Excessive Resource Allocation...

4.9CVSS6.2AI score0.00329EPSS
Exploits0References3
OSV
OSV
added 2025/12/19 12:31 a.m.3 views

GHSA-GPHJ-4H6P-37XQ Elasticsearch privileged authenticated users can cause DoS through Excessive Resource Allocation

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation CAPEC-130 of memory and a denial of service DoS via crafted HTTP request...

4.9CVSS6.6AI score0.00329EPSS
Exploits0References4
NVD
NVD
added 2025/12/18 11:15 p.m.6 views

CVE-2025-68390

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation CAPEC-130 of memory and a denial of service DoS via crafted HTTP request...

4.9CVSS0.00329EPSS
Exploits0References1
OSV
OSV
added 2025/12/18 11:15 p.m.9 views

CVE-2025-68390

Allocation of Resources Without Limits or Throttling CWE-770 in Elasticsearch can allow an authenticated user with snapshot restore privileges to cause Excessive Allocation CAPEC-130 of memory and a denial of service DoS via crafted HTTP request...

4.9CVSS6.6AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2019/08/29 12:0 a.m.4 views

PT-2019-17120 · Ibm · Ibm I +1

Name of the Vulnerable Software and Affected Versions: IBM i version 7.4 Description: The issue arises when a Restore User Profile RSTUSRPRF is performed on a system configured with Db2 Mirror for i, potentially resulting in user profiles having elevated privileges due to incorrect processing...

6.7CVSS6.1AI score0.00275EPSS
Exploits0References3
CVE
CVE
added 2017/03/28 2:46 a.m.54 views

CVE-2016-9462

Summary: CVE-2016-9462 affects Nextcloud Server before 9.0.52 and ownCloud Server before 9.0.4. The root cause is inadequate verification of restore privileges during file restoration, allowing a user with read-only access to revert to older versions. Affected components: Nextcloud Server (pre-9....

4.3CVSS4.8AI score0.01874EPSS
Exploits1References9Affected Software2
Rows per page
Query Builder