PT-2026-21792

Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.3.14.0 and earlier Description An issue exists in Devolutions Server where improper access control in several DVLS REST API endpoints allows an authenticated user with view-only permissions to access sensitive...

EUVD-2024-36555

Malicious code in bioql PyPI...

Denial Of Service

kibana is vulnerable to Denial Of Service. The vulnerability is due to the runsoon API allowing view-only users to execute alerting rules continuously, potentially impacting system availability if the alerting rules involve complex queries. An attacker can exploit this to degrade system performan...

BIT-KIBANA-2024-37279 Kibana Broken Access Control issue

A flaw was discovered in Kibana, allowing view-only users of alerting to use the runsoon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries...

BIT-ELK-2024-37279 Kibana Broken Access Control issue

A flaw was discovered in Kibana, allowing view-only users of alerting to use the runsoon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries...

CVE-2024-37279

A flaw was discovered in Kibana, allowing view-only users of alerting to use the runsoon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries...

CVE-2024-37279 Kibana Broken Access Control issue

A flaw was discovered in Kibana, allowing view-only users of alerting to use the runsoon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries...

CVE-2024-37279

Summary (CVE-2024-37279) : Kibana contains a flaw in the alerting run_soon API that allows view-only alerting users to keep an alert rule running, potentially impacting system availability when complex queries run. Affected versions cited across sources include Kibana 8.6.3 through 8.13.4. The vu...

Elastic Kibana Security Vulnerability

Elastic Kibana is an application from the Dutch company Elastic. A free and open user interface that enables you to visualize Elasticsearch data and lets you navigate through the Elastic Stack. A security vulnerability exists in Elastic Kibana versions 8.6.3 through 8.13.4, which stems from a...

PT-2024-27442 · Elastic · Kibana

Name of the Vulnerable Software and Affected Versions: Kibana affected versions not specified Description: A flaw was discovered in Kibana, allowing view-only users of alerting to use the "run soon API" making the alerting rule run continuously, potentially affecting the system availability if th...

CVE-2021-27900

The Proofpoint Insider Threat Management Server formerly ObserveIT Server is missing an authorization check on several pages in the Web Console. This enables a view-only user to change any configuration setting and delete any registered agents. All versions before 7.11.1 are affected...

CVE-2020-8188

We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can r...