Lucene search
K

12 matches found

Packet Storm
Packet Storm
added 2026/03/04 12:0 a.m.169 views

📄 Splunk Enterprise 9.1.5 / 9.2.2 Vulnerability Scanner

This PHP script is a defensive vulnerability checker for CVE-2024-36985 affecting Splunk Enterprise. It authenticates to a Splunk instance using provided credentials, retrieves the installed Splunk version, and determines whether it falls within the vulnerable ranges. The script then enumerates...

8.8CVSS6AI score0.06517EPSS
Exploits6
Circl
Circl
added 2026/01/28 2:0 p.m.6 views

CVE-2020-36985

creationtimestamp| type| source ---|---|--- 2026-01-28 14:00:19+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdigokf5ls2m...

8.5CVSS5.8AI score0.00157EPSS
Exploits0References1
OSV
OSV
added 2025/08/14 6:52 p.m.4 views

MAL-2025-36985 Malicious code in tl-creat (npm)

The package tl-creat was found to contain malicious code...

7.2AI score
Exploits0
Circl
Circl
added 2024/07/03 12:18 p.m.4 views

CVE-2024-36985

creationtimestamp| type| source ---|---|--- 2024-07-03 12:18:30+00:00| seen| https://t.me/truesecator/5927 2025-01-15 17:55:11+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1828 2025-02-28 11:26:07+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5872 2026-01-04...

8.8CVSS4.8AI score0.06517EPSS
Exploits6References5
ATTACKERKB
ATTACKERKB
added 2024/07/01 5:15 p.m.4 views

CVE-2024-36985

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunkarchiver“ application...

8.8CVSS5.4AI score0.06517EPSS
Exploits6References4
NVD
NVD
added 2024/07/01 5:15 p.m.17 views

CVE-2024-36985

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunkarchiver“ application...

8.8CVSS0.06517EPSS
Exploits6References2
Vulnrichment
Vulnrichment
added 2024/07/01 4:30 p.m.31 views

CVE-2024-36985 Remote Code Execution (RCE) through an external lookup due to “copybuckets.py“ script in the “splunk_archiver“ application in Splunk Enterprise

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunkarchiver“ application...

8.8CVSS7.6AI score0.06517EPSS
Exploits6References2
Cvelist
Cvelist
added 2024/07/01 4:30 p.m.45 views

CVE-2024-36985 Remote Code Execution (RCE) through an external lookup due to “copybuckets.py“ script in the “splunk_archiver“ application in Splunk Enterprise

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunkarchiver“ application...

8.8CVSS0.06517EPSS
Exploits6References2
OSV
OSV
added 2022/07/28 1:15 a.m.3 views

CVE-2022-36985

An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. An attacker with unprivileged local access to a Windows NetBackup Primary server could potentially escalate their privileges...

7.8CVSS5.8AI score0.00196EPSS
Exploits0References1
CVE
CVE
added 2022/07/28 12:56 a.m.62 views

CVE-2022-36985

CVE-2022-36985 affects Veritas NetBackup on Windows: vulnerable in NetBackup 8.1.x–8.1.2, 8.2, 8.3.x–8.3.0.2, 9.x–9.0.0.1, and 9.1.x–9.1.0.1. An unprivileged local attacker on a NetBackup Primary server could escalate privileges. Connected documents confirm affected versions and local-privilege-e...

7.8CVSS7.5AI score0.00196EPSS
Exploits0References1Affected Software4
CNVD
CNVD
added 2022/05/09 12:0 a.m.34 views

WUZHI CMS SQL Injection Vulnerability (CNVD-2022-36985)

Wuzhi WUZHI CMS is a PHP and MySQL based open source content management system CMS from Wuzhi.WUZHI CMS version 4.1.0 is vulnerable to SQL injection, which originates from the grouppid parameter of /coreframe/app/member/admin/group.php. parameter lacks validation for external input SQL statements...

9.8CVSS4.7AI score0.01033EPSS
Exploits1References1
CVE
CVE
added 2021/10/28 12:25 p.m.47 views

CVE-2021-36985

CVE-2021-36985: Concrete details in connected records indicate a code-injection vulnerability in Huawei smartphone software (EMUI/Magic UI on Android). It affects Huawei devices, enabling resource exhaustion and potential device reboot. Root cause: code injection in the Huawei smartphone stack. E...

7.8CVSS7.6AI score0.00691EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder