@veramo/kv-store (>=6.0.0 <=6.0.2-next.57) potentially affected by unknown CVE via @veramo/core-types (>=6.0.0 <=6.0.2-next.57)

@veramo/core-types NPM version =6.0.0, =6.0.0, =6.0.2-next.57 Source cves: unknown CVE Source advisory: SNYK:JS-VERAMOCORETYPES-15032936...

EUVD-2024-21146

Malicious code in bioql PyPI...

EUVD-2023-27044

Malicious code in bioql PyPI...

EUVD-2024-41702

Malicious code in bioql PyPI...

CVE-2025-20230

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure Gateway app on Splunk Cloud Platform, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could edit and delete other user data in App Key Value...

CVE-2024-45735

In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store KV Store deployment configuration an...

CVE-2024-45735 Improper Access Control for low-privileged user in Splunk Secure Gateway App

In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store KV Store deployment configuration an...

CVE-2024-45735

Summary (CVE-2024-45735) : Splunk Enterprise versions before 9.2.3 and 9.1.6, and Splunk Secure Gateway on Splunk Cloud Platform versions before 3.4.259, 3.6.17, or 3.7.0 allow a low-privileged user (not admin/power) to view App Key Value Store (KV Store) deployment configuration and public/priva...

CVE-2024-45735 Improper Access Control for low-privileged user in Splunk Secure Gateway App

In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold the "admin" or "power" Splunk roles can see App Key Value Store KV Store deployment configuration an...

PT-2024-7158 · Splunk · Splunk Cloud Platform +2

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.3.1 Splunk Enterprise versions prior to 9.2.3 Splunk Enterprise versions prior to 9.1.6 Splunk Cloud Platform versions prior to 9.2.2403.108 Splunk Cloud Platform versions prior to 9.1.2312.204 Descriptio...

Splunk Enterprise 9.1.0 < 9.1.6, 9.2.0 < 9.2.3 (SVD-2024-1005)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-1005 advisory. - In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions bel...

CVE-2024-23675

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store KV Store improperly handles permissions for users that use the REST application programming interface API. This can potentially result in the deletion of KV Store collections...

CVE-2024-23675

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store KV Store improperly handles permissions for users that use the REST application programming interface API. This can potentially result in the deletion of KV Store collections...

Design/Logic Flaw

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store KV Store improperly handles permissions for users that use the REST application programming interface API. This can potentially result in the deletion of KV Store collections...

CVE-2024-23675

CVE-2024-23675 affects Splunk Enterprise versions below 9.0.8 and 9.1.3, where the Splunk app key value store (KV Store) incorrectly handles permissions for users using the REST API, potentially enabling deletion of KV Store collections. The issue is rooted in access-control handling for KV Store...

CVE-2024-23675 Splunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection Deletion

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store KV Store improperly handles permissions for users that use the REST application programming interface API. This can potentially result in the deletion of KV Store collections...

CVE-2024-23675 Splunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection Deletion

In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store KV Store improperly handles permissions for users that use the REST application programming interface API. This can potentially result in the deletion of KV Store collections...

Splunk Enterprise 9.0.0 < 9.0.8, 9.1.0 < 9.1.3 (SVD-2024-0105)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0105 advisory. - In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store KV Store improperly handles permissions for...

Splunk Enterprise 8.1 < 8.1.13, 8.2.0 < 8.2.10, 9.0.0 < 9.0.4 (SVD-2023-0212)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2023-0212 advisory. - In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway SSG...

CVE-2023-22942

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a cross-site request forgery in the Splunk Secure Gateway SSG app in the ‘kvstoreclient’ REST endpoint lets a potential attacker update SSG KV store collections using an HTTP GET request...