21 matches found

RedhatCVE
added 2025/07/09 6:16 p.m., 9 views

CVE-2025-20323

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the "admin" or "power" Splunk roles could turn off the scheduled search Bucket Copy Trigger within the Splunk Archiver application. This is because of missing access controls in the saved...

4.3 CVSS, 6.4 AI score, 0.0025 EPSS
Exploits 0, References 1

Circl
added 2025/07/07 7:56 p.m., 12 views

CVE-2025-20323

creationtimestamp | type | source
---|---|---
2025-07-07 19:56:14+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3ltfkyai4kr2e...

4.3 CVSS, 6.6 AI score, 0.0025 EPSS
Exploits 0, References 1

OSV
added 2025/07/07 6:15 p.m., 2 views

CVE-2025-20323

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the "admin" or "power" Splunk roles could turn off the scheduled search Bucket Copy Trigger within the Splunk Archiver application. This is because of missing access controls in the saved...

4.3 CVSS, 5.8 AI score
Exploits 0, References 1

Vulnrichment
added 2025/07/07 5:48 p.m., 4 views

CVE-2025-20323 Missing Access Control of Saved Searches in the Splunk Archiver app

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the "admin" or "power" Splunk roles could turn off the scheduled search Bucket Copy Trigger within the Splunk Archiver application. This is because of missing access controls in the saved...

4.3 CVSS, 6.5 AI score, 0.0025 EPSS
Exploits 0, References 1

Cvelist
added 2025/07/07 5:48 p.m., 7 views

CVE-2025-20323 Missing Access Control of Saved Searches in the Splunk Archiver app

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the "admin" or "power" Splunk roles could turn off the scheduled search Bucket Copy Trigger within the Splunk Archiver application. This is because of missing access controls in the saved...

4.3 CVSS, 0.0025 EPSS
Exploits 0, References 1

Tenable Nessus
added 2025/07/07 12:0 a.m., 4 views

Splunk Enterprise 9.1.0 < 9.1.10, 9.2.0 < 9.2.7, 9.3.0 < 9.3.5, 9.4.0 < 9.4.3 (SVD-2025-0706)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-0706 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

4.3 CVSS, 5.5 AI score, 0.0025 EPSS
Exploits 0, References 2

RedhatCVE
added 2025/05/22 10:20 p.m., 3 views

CVE-2022-20323

In PackageManager, there is a possible package installation disclosure due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-187176...

5.5 CVSS, 6.2 AI score, 0.00092 EPSS
Exploits 0, References 1

RedhatCVE
added 2025/05/22 8:6 a.m., 13 views

CVE-2018-20323

www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition 2018.08 allows remote attackers to execute arbitrary OS commands...

9 CVSS, 7.7 AI score, 0.55123 EPSS
Exploits 3, References 1

Tenable Nessus
added 2025/05/13 12:0 a.m., 13 views

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2025-20323)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-20323 advisory. - selftest/x86/bugs: Add selftests for ITS Pawan Gupta Orabug: 37863726 CVE-2024-28956 - x86/its: Align RETs in BHB clear sequence to avoid thunking Pawan...

5.7 CVSS, 7.3 AI score, 0.00347 EPSS
Exploits 0, References 2

Circl
added 2024/07/17 7:53 p.m., 4 views

CVE-2024-20323

creationtimestamp | type | source
---|---|---
2024-07-17 19:53:56+00:00 | seen | https://t.me/cvedetector/1109...

7.5 CVSS, 4.8 AI score, 0.00194 EPSS
Exploits 0, References 1

Hacker One
added 2023/10/22 8:58 p.m., 104 views

U.S. Dept Of Defense: Reflected XSS via Keycloak on ███ [CVE-2021-20323]

The Keycloak 8.0 and prior versions contained a cross-site scripting vulnerability. An attacker could have executed arbitrary script by inserting a malicious payload in the path of a POST request to the /auth/realms/master/clients-registrations/openid-connect endpoint. This allowed the server to...

6.1 CVSS, 5.8 AI score, 0.37246 EPSS
Exploits 3

Circl
added 2022/08/12 6:43 p.m., 1 views

CVE-2022-20323

creationtimestamp | type | source
---|---|---
2022-08-12 18:43:33+00:00 | seen | https://t.me/cibsecurity/48063...

5.5 CVSS, 5.5 AI score, 0.00092 EPSS
Exploits 0, References 1

OSV
added 2022/08/12 3:15 p.m., 2 views

CVE-2022-20323

In PackageManager, there is a possible package installation disclosure due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-187176...

5.5 CVSS, 5.9 AI score, 0.00092 EPSS
Exploits 0, References 1

CVE
added 2022/08/11 3:26 p.m., 63 views

CVE-2022-20323

CVE-2022-20323 affects Android 13, with a missing permission check in the PackageManager that can disclose local information. The issue enables a local information disclosure vulnerability without user interaction, requiring user privileges. Vulnerable component: PackageManager (Android framework...

5.5 CVSS, 5.5 AI score, 0.00092 EPSS
Exploits 0, References 1, Affected Software 1

Circl
added 2022/03/25 9:30 p.m., 32 views

CVE-2021-20323

creationtimestamp | type | source
---|---|---
2022-03-25 21:30:59+00:00 | seen | https://t.me/cibsecurity/39556
2023-04-27 09:58:59+00:00 | confirmed | https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-20323.yaml...

6.1 CVSS, 6.7 AI score, 0.37246 EPSS
Exploits 3, References 2

OSV
added 2022/03/25 7:15 p.m., 35 views

CVE-2021-20323

A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak...

6.1 CVSS, 6.1 AI score
Exploits 0, References 1

Cvelist
added 2022/03/25 6:3 p.m., 50 views

CVE-2021-20323

A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak...

6.3 AI score, 0.37246 EPSS
Exploits 3, References 1

CVE
added 2022/03/25 6:3 p.m., 253 views

CVE-2021-20323

Keycloak 10.0.0–18.0.0 contains a post-based reflected XSS via the client-registrations endpoint. The root cause is that a JSON key value is echoed in an error response with Content-Type: text/html, enabling HTML/JS execution in the user’s browser when a POST is used. Impact includes potential ar...

6.1 CVSS, 6 AI score, 0.37246 EPSS
Exploits 3, References 1, Affected Software 1

RedhatCVE
added 2022/01/27 1:19 p.m., 71 views

CVE-2021-20323

A flaw has been found in Keycloak. The clients-registrations endpoint allows execution of javascript code on the client-side, which makes it vulnerable to a Cross-Site Scripting attack...

6.1 CVSS, 3 AI score, 0.37246 EPSS
Exploits 3, References 4

Cvelist
added 2020/01/02 8:33 p.m., 11 views

CVE-2019-20323

...

Exploits 0