8 matches found
EUVD-2025-20296
Malicious code in bioql PyPI...
EUVD-2023-29935
Malicious code in bioql PyPI...
CVE-2025-20323
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the "admin" or "power" Splunk roles could turn off the scheduled search Bucket Copy Trigger within the Splunk Archiver application. This is because of missing access controls in the saved...
CVE-2025-20323
CVE-2025-20323 affects Splunk Enterprise: versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10 are vulnerable. A low-privileged user (not admin/power) can turn off the scheduled search Bucket Copy Trigger in the Splunk Archiver app due to missing access controls in the saved searches. Root cause: insuf...
CVE-2025-20323 Missing Access Control of Saved Searches in the Splunk Archiver app
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the "admin" or "power" Splunk roles could turn off the scheduled search Bucket Copy Trigger within the Splunk Archiver application. This is because of missing access controls in the saved...
CVE-2025-20323 Missing Access Control of Saved Searches in the Splunk Archiver app
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a low-privileged user that does not hold the "admin" or "power" Splunk roles could turn off the scheduled search Bucket Copy Trigger within the Splunk Archiver application. This is because of missing access controls in the saved...
CVE-2023-26061
An issue was discovered in Nokia NetAct before 22 FP2211. On the Scheduled Search tab under the Alarm Reports Dashboard page, users can create a script to inject XSS. Input validation was missing during creation of a scheduled task. For an external attacker, it is very difficult to exploit this,...
PT-2022-6441 · Nokia · Nokia Netact
Name of the Vulnerable Software and Affected Versions: Nokia NetAct versions prior to 22 FP2211 Description: The issue is related to insufficient protection of the web page structure when creating tasks. It allows an attacker to perform cross-site scripting XSS attacks by injecting scripts. The...