Количество 18 769
Количество 18 769
CVE-2021-22134
A document disclosure flaw was found in Elasticsearch versions after 7.6.0 and before 7.11.0 when Document or Field Level Security is used. Get requests do not properly apply security permissions when executing a query against a recently updated document. This affects documents that have been updated and not yet refreshed in the index. This could result in the search disclosing the existence of documents and fields the attacker should not be able to view.
CVE-2021-2212
CVE-2021-2208
CVE-2021-2203
CVE-2021-2201
CVE-2021-2196
CVE-2021-2194
CVE-2021-2193
CVE-2021-2180
CVE-2021-2179
CVE-2021-2174
CVE-2021-2172
CVE-2021-2171
CVE-2021-2170
CVE-2021-21708
UAF due to php_filter_float() failing
CVE-2021-21707
Special characters break path parsing in XML functions
CVE-2021-21705
Incorrect URL validation in FILTER_VALIDATE_URL
CVE-2021-21704
Multiple vulnerabilities in Firebird client extension
CVE-2021-21703
PHP-FPM memory access in root process leading to privilege escalation
CVE-2021-21702
Null Dereference in SoapClient
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-22134 A document disclosure flaw was found in Elasticsearch versions after 7.6.0 and before 7.11.0 when Document or Field Level Security is used. Get requests do not properly apply security permissions when executing a query against a recently updated document. This affects documents that have been updated and not yet refreshed in the index. This could result in the search disclosing the existence of documents and fields the attacker should not be able to view. | CVSS3: 4.3 | 0% Низкий | около 4 лет назад |
| CVSS3: 4.9 | 1% Низкий | почти 5 лет назад | |
| CVSS3: 4.9 | 1% Низкий | почти 5 лет назад | |
| CVSS3: 4.9 | 1% Низкий | почти 5 лет назад | |
| CVSS3: 4.9 | 1% Низкий | почти 5 лет назад | |
| CVSS3: 4.9 | 1% Низкий | почти 5 лет назад | |
| CVSS3: 4.9 | 0% Низкий | почти 5 лет назад | |
| CVSS3: 4.9 | 1% Низкий | почти 5 лет назад | |
| CVSS3: 4.9 | 1% Низкий | почти 5 лет назад | |
| CVSS3: 4.9 | 2% Низкий | почти 5 лет назад | |
| CVSS3: 4.4 | 1% Низкий | почти 5 лет назад | |
| CVSS3: 6.5 | 1% Низкий | почти 5 лет назад | |
| CVSS3: 4.4 | 1% Низкий | почти 5 лет назад | |
| CVSS3: 4.9 | 1% Низкий | почти 5 лет назад | |
| CVE-2021-21708 UAF due to php_filter_float() failing | CVSS3: 8.2 | 0% Низкий | 4 месяца назад |
| CVE-2021-21707 Special characters break path parsing in XML functions | CVSS3: 5.3 | 1% Низкий | 4 месяца назад |
| CVE-2021-21705 Incorrect URL validation in FILTER_VALIDATE_URL | CVSS3: 4.3 | 0% Низкий | 4 месяца назад |
| CVE-2021-21704 Multiple vulnerabilities in Firebird client extension | CVSS3: 5 | 0% Низкий | 4 месяца назад |
| CVE-2021-21703 PHP-FPM memory access in root process leading to privilege escalation | CVSS3: 7.8 | 0% Низкий | 4 месяца назад |
| CVE-2021-21702 Null Dereference in SoapClient | CVSS3: 5.3 | 0% Низкий | 4 месяца назад |
Уязвимостей на страницу