Vulnerabilidades em Elastic

233 resultados
CVE-2024-52974MEDIUMAn issue has been identified where a specially crafted request sent to an Observability API could cause the kibana server to crash. A succeEPSS 0.3%CVE-2025-68388MEDIUMAllocation of resources without limits or throttling (CWE-770) allows an unauthenticated remote attacker to cause excessive allocation (CAPEEPSS 0.3%CVE-2026-0532HIGHExternal Control of File Name or Path and Server-Side Request Forgery (SSRF) in Kibana Google Gemini ConnectorEPSS 0.3%CVE-2026-42398HIGHServer-Side Request Forgery (SSRF) in Kibana Leading to Unauthorized Network AccessEPSS 0.3%CVE-2026-4498HIGHExecution with Unnecessary Privileges in Kibana Leading to reading index data beyond their direct Elasticsearch RBAC scopeEPSS 0.3%CVE-2026-42399MEDIUMUncontrolled Resource Consumption in Kibana Leading to Denial of ServiceEPSS 0.3%CVE-2026-42400MEDIUMUncontrolled Resource Consumption in Kibana Leading to Denial of ServiceEPSS 0.3%CVE-2025-37736HIGHElastic Cloud Enterprise Improper AuthorizationEPSS 0.3%CVE-2025-25013MEDIUMElastic Defend Insertion of Sensitive Information into Log FilesEPSS 0.3%CVE-2022-38775HIGHAn issue was discovered in the rollback feature of Elastic Endpoint Security for Windows, which could allow unprivileged users to elevate thEPSS 0.3%CVE-2026-33461HIGHIncorrect Authorization in Kibana Fleet Leading to Information DisclosureEPSS 0.3%CVE-2021-22136In Kibana versions before 7.12.0 and 6.8.15 a flaw in the session timeout was discovered where the xpack.security.session.idleTimeout settinEPSS 0.3%CVE-2026-26935MEDIUMImproper Input Validation in Kibana Leading to Denial of ServiceEPSS 0.3%CVE-2026-26934MEDIUMImproper Validation of Specified Quantity in Input in Kibana Leading to Denial of ServiceEPSS 0.3%CVE-2025-25016MEDIUMKibana Unrestricted Upload of FileEPSS 0.3%CVE-2026-0530MEDIUMAllocation of Resources Without Limits or Throttling in Kibana Leading to Excessive AllocationEPSS 0.3%CVE-2026-26937MEDIUMUncontrolled Resource Consumption in Kibana Leading to Denial of ServiceEPSS 0.3%CVE-2025-68389MEDIUMKibana Allocation of Resources Without Limits or ThrottlingEPSS 0.3%CVE-2024-11390MEDIUMKibana Unrestricted Upload of File with Dangerous Type Can Lead to XSSEPSS 0.3%CVE-2023-31421MEDIUMBeats, Elastic Agent, APM Server, and Fleet Server Improper Certificate Validation issueEPSS 0.3%