Lucene search
+L

16 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-36380

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00373EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2024/12/30 12:0 a.m.11 views

The vulnerability of the Splunk Web Bulletin Messages module in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to influence the confidentiality and integrity of the protected information.

The vulnerability of the Splunk Web Bulletin Messages module in the Splunk Web interface of the Splunk Enterprise operating analysis platform is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to influence the confidentiality and integrity of...

7.5CVSS5.4AI score0.00277EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/07/15 12:0 a.m.9 views

The vulnerability of the Bulletin Messages module in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the Bulletin Messages module in the Splunk Web interface of the Splunk Enterprise operating analysis platform is related to the lack of protective measures for the website structure. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting...

5.5CVSS5.2AI score0.00302EPSS
Exploits0References4Affected Software2
CNVD
CNVD
added 2024/07/05 12:0 a.m.9 views

Splunk Enterprise Access Control Error Vulnerability (CNVD-2024-34267)

Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines and cloud. An Access...

7.1CVSS6.7AI score0.00277EPSS
Exploits0References1
NVD
NVD
added 2024/07/01 5:15 p.m.32 views

CVE-2024-36993

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a Splunk Web Bulletin Messages that could result in...

5.4CVSS0.00373EPSS
Exploits1References2
OSV
OSV
added 2024/07/01 5:15 p.m.4 views

CVE-2024-36994

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View and Splunk Web Bulletin Messages that could...

5.4CVSS5.9AI score0.00302EPSS
Exploits0References2
OSV
OSV
added 2024/07/01 5:15 p.m.6 views

CVE-2024-36993

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a Splunk Web Bulletin Messages that could result in...

5.4CVSS5.9AI score0.00373EPSS
Exploits1References2
NVD
NVD
added 2024/07/01 5:15 p.m.25 views

CVE-2024-36989

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive...

7.1CVSS0.00277EPSS
Exploits0References2
OSV
OSV
added 2024/07/01 5:15 p.m.3 views

CVE-2024-36989

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive...

4.3CVSS5.8AI score0.00277EPSS
Exploits0References2
CVE
CVE
added 2024/07/01 4:54 p.m.85 views

CVE-2024-36993

CVE-2024-36993 affects Splunk Enterprise and Splunk Cloud Platform. A low-privileged user without admin/power roles can inject a payload via Splunk Web Bulletin Messages, causing execution of unauthorized JavaScript in a user’s browser. Affected versions: Splunk Enterprise < 9.2.2, < 9.1.5,...

5.4CVSS5.6AI score0.00373EPSS
Exploits1References2Affected Software2
Vulnrichment
Vulnrichment
added 2024/07/01 4:30 p.m.26 views

CVE-2024-36989 Low-privileged user could create notifications in Splunk Web Bulletin Messages

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive...

7.1CVSS6.9AI score0.00277EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/01 12:0 a.m.5 views

PT-2024-9890 · Splunk · Splunk Cloud Platform +2

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.2 Splunk Enterprise versions prior to 9.1.5 Splunk Enterprise versions prior to 9.0.10 Splunk Cloud Platform versions prior to 9.1.2312.200 Description: The issue is related to insufficient access contr...

7.5CVSS7AI score0.00277EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2024/07/01 12:0 a.m.17 views

Splunk Enterprise 9.0.0 < 9.0.10, 9.1.0 < 9.1.5, 9.2.0 < 9.2.2 (SVD-2024-0709)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2024-0709 advisory. - In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a...

7.1CVSS5.5AI score0.00277EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/01 12:0 a.m.10 views

PT-2024-27235 · Splunk · Splunk Cloud Platform +1

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.2 Splunk Enterprise versions prior to 9.1.5 Splunk Enterprise versions prior to 9.0.10 Splunk Cloud Platform versions prior to 9.1.2312.200 Splunk Cloud Platform versions prior to 9.1.2308.207...

5.4CVSS7.4AI score0.00373EPSS
Exploits1References5
CNNVD
CNNVD
added 2024/07/01 12:0 a.m.6 views

Splunk Cloud Platform和Splunk Enterprise 安全漏洞

Splunk is a suite of data collection and analysis software from Splunk, Inc. in the United States. The software is primarily used to collect, index and analyze and the data it generates, including data generated by all IT systems and infrastructures physical, virtual machines and cloud. An Access...

7.1CVSS6.7AI score0.00277EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.8 views

PT-2024-4750 · Splunk · Splunk Cloud Platform +1

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.2.2 Splunk Enterprise versions prior to 9.1.5 Splunk Enterprise versions prior to 9.0.10 Splunk Cloud Platform versions prior to 9.1.2312.200 Splunk Cloud Platform versions prior to 9.1.2308.207...

5.5CVSS6.8AI score0.00302EPSS
Exploits0References8
Rows per page
Query Builder