| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-37286 | APM Server Insertion of Sensitive Information into Log File | Elastic | APM Server | Medium | 5.7 | 2024-08-03 15:16:23 | Deep Dive |
| CVE-2024-23444 | Elasticsearch elasticsearch-certutil csr fails to encrypt private key | Elastic | Elasticsearch | Medium | 4.9 | 2024-07-31 17:26:13 | Deep Dive |
| CVE-2024-37281 | Kibana Denial of Service issue | Elastic | Kibana | Medium | 6.5 | 2024-07-30 21:45:36 | Deep Dive |
| CVE-2023-49921 | Elasticsearch 安全漏洞 | Elastic | Elasticsearch | Medium | 5.2 | 2024-07-26 05:10:34 | Deep Dive |
| CVE-2024-37282 | Elastic Cloud Enterprise 安全漏洞 | Elastic | Elastic Cloud Enterprise | High | 8.1 | 2024-06-28 04:58:18 | Deep Dive |
| CVE-2024-23443 | Elastic Kibana 安全漏洞 | Elastic | Kibana | Medium | 4.9 | 2024-06-19 13:47:29 | Deep Dive |
| CVE-2024-23442 | Kibana open redirect issue | Elastic | Kibana | Medium | 6.1 | 2024-06-14 14:26:53 | Deep Dive |
| CVE-2024-37279 | Kibana Broken Access Control issue | Elastic | Kibana | Medium | 4.3 | 2024-06-13 17:04:42 | Deep Dive |
| CVE-2024-37280 | Elasticsearch StackOverflow vulnerability | Elastic | Elasticsearch | Medium | 4.9 | 2024-06-13 16:26:58 | Deep Dive |
| CVE-2024-23445 | Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions | Elastic | Elasticsearch | Medium | 6.5 | 2024-06-12 13:58:45 | Deep Dive |
| CVE-2024-32134 | WordPress Forms to Zapier plugin <= 1.1.12 - Auth. SQL Injection vulnerability | Nasirahmed | Forms to Zapier, Integromat, IFTTT, Workato, Automate.io, elastic.io, Built.io, APIANT, Webhook | High | 7.6 | 2024-04-15 07:32:48 | Deep Dive |
| CVE-2024-23449 | Elasticsearch Uncaught Exception | Elastic | Elasticsearch | Medium | 4.3 | 2024-03-29 11:12:49 | Deep Dive |
| CVE-2024-23451 | Elasticsearch Incorrect Authorization in the Remote Cluster Security API key based security model | Elastic | Elasticsearch | Medium | 4.4 | 2024-03-27 18:03:26 | Deep Dive |
| CVE-2024-23450 | Elasticsearch Uncontrolled Resource Consumption vulnerability | Elastic | Elasticsearch | Medium | 4.9 | 2024-03-27 17:03:48 | Deep Dive |
| CVE-2024-23448 | APM Server Insertion of Sensitive Information into Log File | Elastic | APM Server | Medium | 5.7 | 2024-02-07 21:37:46 | Deep Dive |
| CVE-2024-23447 | Elastic Network Drive Connector Improper Access Control | Elastic | Elastic Network Drive Connector | Medium | 5.3 | 2024-02-07 03:46:25 | Deep Dive |
| CVE-2024-23446 | Kibana Broken Access Control issue | Elastic | Kibana | Medium | 6.5 | 2024-02-07 03:16:39 | Deep Dive |
| CVE-2023-46675 | Kibana Insertion of Sensitive Information into Log File | Elastic | Kibana | High | 8.0 | 2023-12-13 07:02:08 | Deep Dive |
| CVE-2023-46671 | Kibana Insertion of Sensitive Information into Log File | Elastic | Kibana | High | 8.0 | 2023-12-13 06:58:00 | Deep Dive |
| CVE-2023-6687 | Elastic Agent Insertion of Sensitive Information into Log File | Elastic | Elastic Agent | Medium | 6.8 | 2023-12-12 18:28:06 | Deep Dive |