26 matches found
CVE-2026-20251
CVE-2026-20251 affects Splunk Enterprise (versions below 10.2.4/10.0.7/9.4.12/9.3.13), Splunk Cloud Platform (below 10.3.2512.12/10.2.2510.14/10.1.2507.22/9.3.2411.132), and Splunk Secure Gateway (below 3.10.6/3.9.20/3.8.67). A low-privileged user (not admin/power) can achieve Remote Code Executi...
PT-2026-48491
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.2.4 Splunk Enterprise versions prior to 10.0.7 Splunk Enterprise versions prior to 9.4.12 Splunk Enterprise versions prior to 9.3.13 Splunk Cloud Platform versions prior to 10.3.2512.12 Splunk Cloud...
Splunk Enterprise 9.3.0 < 9.3.13, 9.4.0 < 9.4.12, 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0601)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0601 advisory. - In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, Splunk Cloud Platform versions below 10.3.2512.12,...
@veramo/kv-store (>=6.0.0 <=6.0.2-next.57) potentially affected by unknown CVE via @veramo/core-types (>=6.0.0 <=6.0.2-next.57)
@veramo/core-types NPM version =6.0.0, =6.0.0, =6.0.2-next.57 Source cves: unknown CVE Source advisory: SNYK:JS-VERAMOCORETYPES-15032936...
EUVD-2023-27044
Malicious code in bioql PyPI...
EUVD-2024-41702
Malicious code in bioql PyPI...
EUVD-2024-21146
Malicious code in bioql PyPI...
CVE-2025-20230
In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could edit and delete other user data in App Key Value...
CVE-2024-45735
In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store KV Store deployment configuration an...
CVE-2024-45735 Improper Access Control for low-privileged user in Splunk Secure Gateway App
In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store KV Store deployment configuration an...
CVE-2024-45735 Improper Access Control for low-privileged user in Splunk Secure Gateway App
In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store KV Store deployment configuration an...
CVE-2024-45735
Summary (CVE-2024-45735) : Splunk Enterprise versions before 9.2.3 and 9.1.6, and Splunk Secure Gateway on Splunk Cloud Platform versions before 3.4.259, 3.6.17, or 3.7.0 allow a low-privileged user (not admin/power) to view App Key Value Store (KV Store) deployment configuration and public/priva...
PT-2024-7158 · Splunk · Splunk Cloud Platform +2
Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.3.1 Splunk Enterprise versions prior to 9.2.3 Splunk Enterprise versions prior to 9.1.6 Splunk Cloud Platform versions prior to 9.2.2403.108 Splunk Cloud Platform versions prior to 9.1.2312.204 Descriptio...
Splunk Enterprise 9.1.0 < 9.1.6, 9.2.0 < 9.2.3 (SVD-2024-1005)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-1005 advisory. - In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions bel...
The vulnerability of the application programming interface of the Splunk Enterprise platform for operational analysis allows a perpetrator to delete data from the KV Store.
The vulnerability of the application programming interface of the Splunk Enterprise platform for operational analysis is related to deficiencies in access control to the KV Store. Exploiting this vulnerability could allow a malicious actor to delete data from the KV Store...
CVE-2024-23675
In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store KV Store improperly handles permissions for users that use the REST application programming interface API. This can potentially result in the deletion of KV Store collections...
CVE-2024-23675
In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store KV Store improperly handles permissions for users that use the REST application programming interface API. This can potentially result in the deletion of KV Store collections...
Design/Logic Flaw
In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store KV Store improperly handles permissions for users that use the REST application programming interface API. This can potentially result in the deletion of KV Store collections...
CVE-2024-23675 Splunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection Deletion
In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store KV Store improperly handles permissions for users that use the REST application programming interface API. This can potentially result in the deletion of KV Store collections...
CVE-2024-23675 Splunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection Deletion
In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store KV Store improperly handles permissions for users that use the REST application programming interface API. This can potentially result in the deletion of KV Store collections...