18 matches found
SUSE CVE-2022-23708
A flaw was discovered in Elasticsearch 7.17.0's upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this index...
New Microsoft Data Security Index report explores secure AI adoption to protect sensitive data
Generative AI and agentic AI are redefining how organizations innovate and operate, unlocking new levels of productivity, creativity and collaboration across industry teams. From accelerating content creation to streamlining workflows, AI offers transformative benefits that empower organizations ...
PT-2026-5349
In multiple functions of TaskFragmentOrganizerController.java, there is a possible activity token leak due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Astra Linux - уязвимость в linux-6.12
In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRMMSGALLOCSPI Netlink message, which triggers the kernel function xfrmallocspi. This function is expected to ensure uniqueness of the Security...
EUVD-2022-1497
Malicious code in bioql PyPI...
AZL-70760 CVE-2025-39797 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: xfrm: Duplicate SPI Handling The issue originates when Strongswan initiates an XFRMMSGALLOCSPI Netlink message, which triggers the kernel function xfrmallocspi. This function is expected to ensure uniqueness of the Security...
Linux Distros Unpatched Vulnerability : CVE-2022-23708
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was discovered in Elasticsearch 7.17.0's upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the...
Data Breach Reporting for regulatory requirements with Microsoft Data Security Investigations
Seventy-four percent of organizations surveyed experienced at least one data security incident with their business data exposed in the previous year as reported in Microsoft’s Data Security Index: Trends, insights, and strategies to secure data report. Despite the best people, process and...
BIT-ELASTICSEARCH-2022-23708
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this index...
CVE-2022-23708
A flaw was found in the upgrade assistant for Elasticsearch. When upgrading from version 6.x to 7.x, the built-in protections on the security index are disabled, allowing authenticated users to access the index...
GHSA-PGQ6-CCQJ-HPQR Elasticsearch privilege escalation
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this index. Users running a cluster on an affected version...
Elasticsearch privilege escalation
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this index. Users running a cluster on an affected version...
CVE-2022-23708
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this index...
Code injection
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this index...
CVE-2022-23708
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this index...
UBUNTU-CVE-2022-23708
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this index...
CVE-2022-23708
A flaw was discovered in Elasticsearch 7.17.0’s upgrade assistant, in which upgrading from version 6.x to 7.x would disable the in-built protections on the security index, allowing authenticated users with “” index permissions access to this index...
PT-2022-16218 · Elastic · Elasticsearch
Name of the Vulnerable Software and Affected Versions: Elasticsearch versions 7.16 through 7.17.0 Description: A flaw was discovered in Elasticsearch's upgrade assistant, which occurs when upgrading from version 6.x to 7.x, disabling the in-built protections on the security index. This allows...