Lucene search
K

9955 matches found

RedhatCVE
RedhatCVE
added 2026/06/10 9:3 p.m.8 views

CVE-2026-47287

Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network...

6.5CVSS5.5AI score0.00622EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:2 p.m.8 views

CVE-2026-48569

Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

7.1CVSS5.5AI score0.0035EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.7 views

CVE-2026-47292

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally...

7.8CVSS5.5AI score0.00368EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.8 views

CVE-2026-47281

Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

9.6CVSS5.5AI score0.00591EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:1 p.m.11 views

CVE-2026-45482

Improper limitation of a pathname to a restricted directory 'path traversal' in GitHub Copilot and Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

8.4CVSS5.5AI score0.00345EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.9 views

CVE-2026-40376

Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

8.1CVSS5.5AI score0.00671EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 6:16 p.m.15 views

CVE-2026-20252

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could send server-side requests to...

7.6CVSS0.00255EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 5:16 p.m.10 views

EUVD-2026-36086

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could send server-side requests to...

7.6CVSS5.6AI score0.00255EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 5:16 p.m.7 views

CVE-2026-20252 Server-Side Request Forgery (SSRF) through Dashboard Studio PDF Export in Splunk Enterprise

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could send server-side requests to...

7.6CVSS5.6AI score0.00255EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 5:16 p.m.52 views

CVE-2026-20252

Splunk Enterprise and Splunk Cloud Platform are affected by CVE-2026-20252 due to an SSRF in Dashboard Studio PDF export. A low-privilege user (not admin/power role) can cause server-side requests to arbitrary internal destinations by abusing the PDF export feature. Root cause: trusted-domain val...

7.6CVSS5.6AI score0.00255EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/10 5:16 p.m.29 views

CVE-2026-20252 Server-Side Request Forgery (SSRF) through Dashboard Studio PDF Export in Splunk Enterprise

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could send server-side requests to...

7.6CVSS0.00255EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.10 views

Splunk Enterprise 服务端请求伪造漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of the American company Splunk. Splunk Cloud Platform is a powerful service for data collection, processing, and analysis. Splunk Enterprise is a suite of software for data collection and analysis. There are code vulnerabilities in...

7.6CVSS6AI score0.00255EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.14 views

PT-2026-48492

🚨 CVE-2026-20252 In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.4.2604.3, 10.3.2512.12, 10.2.2510.14, 10.1.2507.22, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could send...

7.6CVSS5.4AI score0.00255EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 6:30 p.m.22 views

EUVD-2026-35698

Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network...

6.5CVSS5.5AI score0.00622EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 6:30 p.m.9 views

EUVD-2026-35502

Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally...

7.8CVSS5.4AI score0.00368EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/09 6:30 p.m.18 views

EUVD-2026-35536

Improper input validation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network...

7.5CVSS5.5AI score0.00671EPSS
Exploits0References2
NCSC
NCSC
added 2026/06/09 6:23 p.m.15 views

vulnerabilities handled in Microsoft Developer Tools

Microsoft has addressed vulnerabilities in Developer Tools. A malicious actor could exploit these vulnerabilities to carry out attacks that can cause various types of damage, as described in the tables below. Except for the vulnerability in .NET Core, where no prior authentication or user...

9.6CVSS5.7AI score0.0243EPSS
Exploits0
NVD
NVD
added 2026/06/09 5:17 p.m.12 views

CVE-2026-48569

Improper input validation in Visual Studio Code allows an unauthorized attacker to bypass a security feature locally...

7.1CVSS0.0035EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.7 views

CVE-2026-47284

Exposure of sensitive information to an unauthorized actor in Visual Studio Code allows an unauthorized attacker to disclose information over a network...

6.5CVSS0.00763EPSS
Exploits0References1
NVD
NVD
added 2026/06/09 5:17 p.m.14 views

CVE-2026-47287

Relative path traversal in Visual Studio Code allows an unauthorized attacker to perform tampering over a network...

6.5CVSS0.00622EPSS
Exploits0References1
Rows per page
Query Builder