9 matches found
CVE-2025-20383
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscribes to mobile push notifications could receive...
CVE-2025-20383
In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure Gateway app in Splunk Cloud Platform, a low-privileged user that does not hold the "admin" or "power" Splunk roles and subscribes to mobile push notifications could receive...
Splunk Enterprise 9.2 < 9.2.10, 9.3 < 9.3.8, 9.4 < 9.4.6, 10.0 < 10.0.2 (SVD-2025-1202)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1202 advisory. - In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and below 3.9.10, 3.8.58, and 3.7.28 of Splunk Secure...
PT-2025-48955
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.0.2 Splunk Enterprise versions 9.2.10 through 9.4.6 Splunk Enterprise versions 9.3.8 Splunk Secure Gateway app versions below 3.7.28 Splunk Secure Gateway app versions 3.8.58 and below Splunk Secure Gatew...
EUVD-2015-8367
Malware in sbrugna...
GHSA-XRRW-9J78-HPF3 Jenkins HTML Publisher Plugin Stored XSS vulnerability
Jenkins HTML Publisher Plugin 1.32 and earlier does not escape job names, report names, and index page titles shown as part of the report frame, resulting in a stored cross-site scripting XSS vulnerability exploitable by attackers with Item/Configure permission...
CVE-2015-8486
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary report titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2016-1152...
Design/Logic Flaw
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary report titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2016-1152...
CVE-2015-8486
Cybozu Office 9.9.0 through 10.3.0 allows remote authenticated users to bypass intended access restrictions and read arbitrary report titles via unspecified vectors, a different vulnerability than CVE-2015-8484, CVE-2015-8485, and CVE-2016-1152...