26 matches found
CVE-2025-20373
In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the internal index during the addition of new “Data Security Accounts“. The vulnerability would require either local access to the log files or administrative access to internal indexe...
CVE-2025-20373
In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the internal index during the addition of new “Data Security Accounts“. The vulnerability would require either local access to the log files or administrative access to internal indexe...
CVE-2025-20373 Sensitive Information Disclosure in “_internal“ index through Splunk Add-On for Palo Alto Networks
In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the internal index during the addition of new “Data Security Accounts“. The vulnerability would require either local access to the log files or administrative access to internal indexe...
CVE-2025-20373 Sensitive Information Disclosure in “_internal“ index through Splunk Add-On for Palo Alto Networks
In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the internal index during the addition of new “Data Security Accounts“. The vulnerability would require either local access to the log files or administrative access to internal indexe...
CVE-2025-20373
CVE-2025-20373 affects the Splunk Add-on for Palo Alto Networks (versions below 2.0.2). The issue is that client secrets are exposed in plaintext in the _internal index during the addition of new “Data Security Accounts.” Exploitation would require local access to log files or administrative acce...
Splunk Add-on for Palo Alto Networks 日志信息泄露漏洞
Splunk Add-on for Palo Alto Networks is an add-on from Splunk, Inc. A log message disclosure vulnerability exists in Splunk Add-on for Palo Alto Networks versions prior to 2.0.2, which stems from exposing client keys in plaintext...
PT-2025-48163
In Splunk Add-on for Palo Alto Networks versions below 2.0.2, the add-on exposes client secrets in plain text in the internal index during the addition of new “Data Security Accounts“. The vulnerability would require either local access to the log files or administrative access to internal indexe...
EUVD-2023-50470
Malicious code in bioql PyPI...
EUVD-2023-50469
Malicious code in bioql PyPI...
EUVD-2023-27045
Malicious code in bioql PyPI...
CVE-2025-0367 Regular Expression Denial of Service (ReDoS) in Splunk Supporting Add-on for Active Directory (SA-ldapsearch)
In versions 3.1.0 and lower of the Splunk Supporting Add-on for Active Directory, also known as SA-ldapsearch, a vulnerable regular expression pattern could lead to a Regular Expression Denial of Service ReDoS attack...
Splunk Supporting Add-on for Active Directory 安全漏洞
Splunk Supporting Add-on for Active Directory SA-ldapsearch is an add-on for Active Directory from Splunk. A security vulnerability exists in Splunk Supporting Add-on for Active Directory version 3.1.0 and earlier, which stems from a vulnerable regular expression pattern that could lead to a...
The vulnerability of the Session Token Handler component in the application for creating supplements, related to integrating external data sources with the Splunk Add-on Builder platform, arises from improper processing of output data for registration logs. This allows a malicious actor to gain unauthorized access to edit the application.
The vulnerability of the Session Token Handler component in application add-ons for integrating external data sources with the Splunk Add-on Builder platform is related to improper processing of output data for registration logs. Exploiting this vulnerability allows a malicious actor, operating...
CVE-2023-46231
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on...
CVE-2023-46231
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on...
Information disclosure
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files...
CVE-2023-46230 Sensitive Information Disclosure to Internal Log Files in Splunk Add-on Builder
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files...
CVE-2023-46230 Sensitive Information Disclosure to Internal Log Files in Splunk Add-on Builder
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files...
CVE-2023-46231 Session Token Disclosure to Internal Log Files in Splunk Add-on Builder
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on...
CVE-2023-46231 Session Token Disclosure to Internal Log Files in Splunk Add-on Builder
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on...