21 matches found
DoS (Denial of Service) Third-Party Dependency in Bitbucket Data Center and Server - CVE-2024-21538
This High severity vulnerability known as CVE-2024-21538 was introduced in 6.0.5, 7.0.3, 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 9.4.0, 8.19.12, 8.19.13, 9.4.1, 9.4.2, 8.19.14, 9.4.3, 8.19.15 of Bitbucket Data Center and Server. This...
EUVD-2020-1411
Malware in sbrugna...
EUVD-2022-2427
Malicious code in bioql PyPI...
CVE-2025-20370
In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a user who holds a role that contains the high-privilege capability change_authentication could send multiple LDAP bind requests to a specific...
Splunk Enterprise 9.2.0 < 9.2.8, 9.3.0 < 9.3.6, 9.4.0 < 9.4.4 (SVD-2025-1004)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1004 advisory. - In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108,...
CVE-2025-20369
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform an extensible markup language (XML) external entity (XXE)...
CVE-2025-20367 Reflected Cross-site Scripting (XSS) in '/app/search/table' endpoint through the 'dataset.command' parameter on Splunk Enterprise
In Splunk Enterprise versions below 9.4.4, 9.3.6 and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.2408.119 and 9.2.2406.122, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious payload through the dataset.command parameter of t...
CVE-2020-15263
In platform before version 9.4.4, inline attributes are not properly escaped. If the data that came from users was not escaped, then an XSS vulnerability is possible. The issue was introduced in 9.0.0 and fixed in 9.4.4...
Design/Logic Flaw
In platform before version 9.4.4, inline attributes are not properly escaped. If the data that came from users was not escaped, then an XSS vulnerability is possible. The issue was introduced in 9.0.0 and fixed in 9.4.4...
CVE-2020-15263 XSS in platform
In platform before version 9.4.4, inline attributes are not properly escaped. If the data that came from users was not escaped, then an XSS vulnerability is possible. The issue was introduced in 9.0.0 and fixed in 9.4.4...
GHSA-589W-HCCM-265X Inline attribute values were not processed.
Impact: Inline attributes were not escaped. If the data that came from users was not escaped, then an XSS vulnerability is possible. Patches: Fixed in 9.4.4...
DNN Path Traversal Vulnerability
DNN (also known as DotNetNuke) is a set of U.S. DNN by Microsoft support, based on the ASP.NET platform for open source content management system (CMS). The system is easy to install, scalable, feature-rich and so on. A path traversal vulnerability exists in DNN 9.4.4 and earlier versions. The...
DNN Code Issue Vulnerability
DNN (also known as DotNetNuke) is a set of U.S. DNN by Microsoft support, based on the ASP.NET platform for open source content management system (CMS). The system is easy to install, scalable, feature-rich and so on. A code issue vulnerability exists in DNN 9.4.4 and prior versions. The...
CVE-2020-5188
DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions...
CVE-2020-5186
DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2)...
CVE-2020-5186
DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2)...
CVE-2020-5188
DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions...
Cross site scripting
DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2)...
Path traversal
DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2)...
CVE-2020-5186
CVE-2020-5186 maps to a DNN (DotNetNuke) XSS issue in versions up to 9.4.4. The core description in the initial document states XSS (issue 1 of 2) for DNN 9.4.4. Connected documents corroborate a DNN XSS vulnerability; no explicit exploitation details, impact metrics, or patched version are provi...