244 matches found
EUVD-2024-36384
Malicious code in bioql PyPI...
EUVD-2023-36943
Malicious code in bioql PyPI...
EUVD-2025-8263
Malicious code in bioql PyPI...
EUVD-2024-36381
Malicious code in bioql PyPI...
EUVD-2024-36376
Malicious code in bioql PyPI...
EUVD-2022-53390
Malicious code in bioql PyPI...
EUVD-2025-32027
Malicious code in bioql PyPI...
Splunk Enterprise 9.2.0 < 9.2.8, 9.3.0 < 9.3.6, 9.4.0 < 9.4.4 (SVD-2025-1001)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1001 advisory. - In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.111,...
CVE-2025-20369
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a low privilege user that does not hold the "admin" or "power" Splunk roles could perform an extensible markup language XML external entity XXE...
CVE-2025-20368
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a low privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through the error messages and job inspection...
CVE-2025-20371
In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6 and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.2408.119 and 9.2.2406.122, an unauthenticated attacker could trigger a blind server-side request forgery SSRF potentially letting an attacker perform REST API calls on...
CVE-2025-20370
In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a user who holds a role that contains the high-privilege capability changeauthentication, could send multiple LDAP bind requests to a specific...
CVE-2025-20371
In Splunk Enterprise versions below 10.0.1, 9.4.4, 9.3.6 and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.2408.119 and 9.2.2406.122, an unauthenticated attacker could trigger a blind server-side request forgery SSRF potentially letting an attacker perform REST API calls on...
CVE-2025-20368
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.108, 9.3.2408.118 and 9.2.2406.123, a low privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through the error messages and job inspection...
CVE-2025-20367 Reflected Cross-site Scripting (XSS) in '/app/search/table' endpoint through the 'dataset.command' parameter on Splunk Enterprise
In Splunk Enterprise versions below 9.4.4, 9.3.6 and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.109, 9.3.2408.119 and 9.2.2406.122, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious payload through the dataset.command parameter of t...
CVE-2025-20366 Improper Access Control in Background Job Submission in Splunk Enterprise
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.111, 9.3.2408.119, and 9.2.2406.122, a low-privileged user that does not hold the admin or power Splunk roles could access sensitive search results if Splunk Enterprise runs an...
CVE-2025-20366 Improper Access Control in Background Job Submission in Splunk Enterprise
In Splunk Enterprise versions below 9.4.4, 9.3.6, and 9.2.8, and Splunk Cloud Platform versions below 9.3.2411.111, 9.3.2408.119, and 9.2.2406.122, a low-privileged user that does not hold the admin or power Splunk roles could access sensitive search results if Splunk Enterprise runs an...
PT-2025-40273
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.0.1 Splunk Enterprise versions 9.2.8 through 9.4.4 Splunk Cloud Platform versions prior to 9.3.2411.108 Splunk Cloud Platform versions 9.2.2406.123 through 9.3.2408.118 Description A user with the change...
PT-2025-40272
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 9.4.4 Splunk Enterprise versions 9.2.8 through 9.3.6 Splunk Cloud Platform versions prior to 9.3.2411.108 Splunk Cloud Platform versions 9.2.2406.123 through 9.3.2408.118 Description A user with limited...
Splunk Cloud Platform和Splunk Enterprise 资源管理错误漏洞
Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A resource management error vulnerability exis...