Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2015-9056 | Kibana versions prior to 4.1.3 and 4.2.1 are vulnerable to a XSS attack. | 6.1 | 0.83% | 2017-06-16 | 2026-06-16 |
| CVE-2016-10352 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.24% | 2019-03-05 | 2023-11-06 |
| CVE-2016-10353 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.24% | 2019-03-05 | 2023-11-06 |
| CVE-2016-10354 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.24% | 2019-03-05 | 2023-11-06 |
| CVE-2016-10355 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.24% | 2019-03-05 | 2023-11-06 |
| CVE-2016-10356 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.24% | 2019-03-05 | 2023-11-06 |
| CVE-2016-10357 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.24% | 2019-03-05 | 2023-11-06 |
| CVE-2016-10358 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.24% | 2019-03-05 | 2023-11-06 |
| CVE-2016-10359 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.24% | 2019-03-05 | 2023-11-06 |
| CVE-2016-10360 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.24% | 2019-03-05 | 2023-11-06 |
| CVE-2016-10361 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none | N/A | 0.24% | 2019-03-05 | 2023-11-06 |
| CVE-2016-10362 | Prior to Logstash version 5.0.1, Elasticsearch Output plugin when updating connections after sniffing, would log to file HTTP basic auth credentials. | 6.5 | 1.08% | 2017-06-16 | 2026-06-16 |
| CVE-2016-10363 | Logstash versions prior to 2.3.3, when using the Netflow Codec plugin, a remote attacker crafting malicious Netflow v5, Netflow v9 or IPFIX packets could perform a denial of service attack on the Logstash instance. The errors resulting from these crafted inputs are not handled by the codec and can cause the Logstash process to exit. | 7.5 | 1.31% | 2017-06-16 | 2026-06-16 |
| CVE-2016-10364 | With X-Pack installed, Kibana versions 5.0.0 and 5.0.1 were not properly authenticating requests to advanced settings and the short URL service, any authenticated user could make requests to those services regardless of their own permissions. | 6.5 | 0.99% | 2017-06-16 | 2026-06-16 |
| CVE-2016-10365 | Kibana versions before 4.6.3 and 5.0.1 have an open redirect vulnerability that would enable an attacker to craft a link in the Kibana domain that redirects to an arbitrary website. | 6.1 | 1.02% | 2017-06-16 | 2026-06-16 |
| CVE-2016-10366 | Kibana versions after and including 4.3 and before 4.6.2 are vulnerable to a cross-site scripting (XSS) attack. | 6.1 | 0.94% | 2017-06-16 | 2026-06-16 |
| CVE-2017-11479 | Kibana versions prior to 5.6.1 had a cross-site scripting (XSS) vulnerability in Timelion that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. | 6.1 | 1.07% | 2017-09-28 | 2026-06-16 |
| CVE-2017-11480 | Packetbeat versions prior to 5.6.4 are affected by a denial of service flaw in the PostgreSQL protocol handler. If Packetbeat is listening for PostgreSQL traffic and a user is able to send arbitrary network traffic to the monitored port, the attacker could prevent Packetbeat from properly logging other PostgreSQL traffic. | 7.5 | 1.44% | 2017-12-08 | 2026-06-16 |
| CVE-2017-11481 | Kibana versions prior to 6.0.1 and 5.6.5 had a cross-site scripting (XSS) vulnerability via URL fields that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. | 6.1 | 0.84% | 2017-12-08 | 2026-06-16 |
| CVE-2017-11482 | The Kibana fix for CVE-2017-8451 was found to be incomplete. With X-Pack installed, Kibana versions before 6.0.1 and 5.6.5 have an open redirect vulnerability on the login page that would enable an attacker to craft a link that redirects to an arbitrary website. | 6.1 | 0.74% | 2017-12-08 | 2026-06-16 |