Lucene search
+L

11 matches found

Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.9 views

PT-2026-34499

Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description A flaw in the rm utility allows the bypass of safeguard mechanisms designed to protect the current directory. Although the utility prevents the deletion of . or .., it does not...

5.6CVSS6AI score0.00166EPSS
Exploits1References12
AlmaLinux
AlmaLinux
added 2026/01/26 12:0 a.m.12 views

Important: fence-agents security update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fixes: urllib3: urllib3: Unbounded decompression chain leads to resource...

8.9CVSS5.4AI score0.02667EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2025/11/13 6:0 p.m.12 views

CVE-2025-20379

In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116, 9.3.2408.124, 10.0.2503.5 and 10.1.2507.1, a low-privileged user that does not hold the “admin“ or “power“ Splunk roles could run a saved search with a risky command using th...

3.5CVSS6.8AI score0.00276EPSS
Exploits0References1
HackRead
HackRead
added 2025/11/11 10:35 a.m.6 views

Cisco Finds Open-Weight AI Models Easy to Exploit in Long Chats

Cisco’s new research shows that open-weight AI models, while driving innovation, face serious security risks as multi-turn attacks, including conversational persistence, can bypass safeguards and expose data...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/05 9:16 p.m.9 views

Malicious code in wayspiritmcp-weather (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 c3dbe830c7b2364daef2e4634c16062b86b0b26b88f95533e9413aa91bc646fd Package seems to provide an MCP server, but in fact contains attempts to make an LLM agent break safeguards. As the request is about leaves just a flag, it see...

6.9AI score
Exploits0References1
OSV
OSV
added 2025/03/26 10:15 p.m.4 views

CVE-2025-20226

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.111, and 9.1.2308.214, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a saved search with a risky command using the permission...

5.7CVSS5.8AI score0.00434EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.10 views

PT-2024-35689 · Splunk · Splunk Cloud Platform +1

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.3.2 Splunk Enterprise versions prior to 9.2.4 Splunk Enterprise versions prior to 9.1.7 Splunk Cloud Platform versions prior to 9.2.2406.107 Splunk Cloud Platform versions prior to 9.2.2403.109 Splunk Clo...

5.7CVSS7.2AI score0.00464EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/07/01 4:30 p.m.33 views

CVE-2024-36986 Risky command safeguards bypass through Search ID query in Analytics Workspace

In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, an authenticated user could run risky commands using the permissions of a higher-privileged user to bypass SPL safeguards for risky commands in the Analytics...

6.3CVSS0.00393EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/27 4:15 p.m.24 views

CVE-2024-29946 Risky command safeguards bypass in Dashboard Examples Hub

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands. This could let attackers bypass SPL safeguards for risky commands in the Hub. The vulnerability would require the attacker to phish the victim by tricking them into...

8.1CVSS7AI score0.00773EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/02/12 12:0 a.m.6 views

Open-Xchange App Suite Security Vulnerability

Open-Xchange App Suite is an email and productivity suite client software from Open-Xchange Germany. A security vulnerability exists in Open-Xchange App Suite that stems from the presence of a redirection that allows an attacker to forge application references and bypass existing safeguards to...

5.4CVSS6.8AI score0.00475EPSS
Exploits0References3
OSV
OSV
added 2023/02/14 6:15 p.m.6 views

CVE-2023-22934

In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language SPL command lets a search bypass SPL safeguards for risky commands using a saved search job. The vulnerability requires an authenticated user to craft the saved job and a higher privileged user t...

8CVSS7.3AI score0.01121EPSS
Exploits1References2
Rows per page
Query Builder