Lucene search
K

76 matches found

EUVD
EUVD
added yesterday3 views

EUVD-2026-40392

IBM UCD - IBM DevOps Deploy 8.1 through 8.1.2.6, and 8.2 through 8.2.1.0 uses Cross-Origin Resource Sharing CORS which could allow an attacker to carry out privileged actions and retrieve sensitive information as the domain name is not being limited to only trusted domains...

5.4CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2026/06/22 10:16 a.m.11 views

CVE-2026-12863

An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trusted domains...

5.1CVSS0.00226EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/22 8:41 a.m.6 views

CVE-2026-12863

An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trusted domains...

5.1CVSS5.8AI score0.00226EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/22 8:41 a.m.6 views

CVE-2026-12863 Open redirect

An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trusted domains...

5.1CVSS5.8AI score0.00226EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 8:41 a.m.8 views

EUVD-2026-38221

An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trusted domains...

5.1CVSS5.8AI score0.00226EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 8:41 a.m.33 views

CVE-2026-12863 Open redirect

An unvalidated redirect was contained in Venueless' social login functionality and could be exploited for phishing using trusted domains...

5.1CVSS0.00226EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 6:16 p.m.14 views

CVE-2026-20257

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrate...

5.7CVSS0.00198EPSS
Exploits0References1
NVD
NVD
added 2026/06/10 6:16 p.m.10 views

CVE-2026-20254

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious classic dashboard that...

5.7CVSS0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 5:16 p.m.28 views

CVE-2026-20257 Improper Input Validation through Classic Dashboard CSS in Splunk Enterprise

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrate...

5.7CVSS0.00198EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 5:16 p.m.11 views

EUVD-2026-36085

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrate...

5.7CVSS5.4AI score0.00198EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/10 5:15 p.m.8 views

CVE-2026-20254 Information Disclosure through External Content Restriction Bypass in Splunk Enterprise

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious classic dashboard that...

5.7CVSS5.2AI score0.00247EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/10 5:15 p.m.26 views

CVE-2026-20254 Information Disclosure through External Content Restriction Bypass in Splunk Enterprise

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious classic dashboard that...

5.7CVSS0.00247EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 5:15 p.m.9 views

EUVD-2026-36081

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious classic dashboard that...

5.7CVSS5.5AI score0.00247EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 5:15 p.m.19 views

CVE-2026-20254

The affected products are Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132. A low-privileged user (not admin/power) can craft a malicious classic dashboard that exfiltrates sens...

5.7CVSS5.5AI score0.00247EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.15 views

PT-2026-48497

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a classic dashboard that exfiltrate...

5.7CVSS5.4AI score0.00198EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.7 views

Splunk Enterprise 9.3.0 < 9.3.13, 9.4.0 < 9.4.12, 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0604)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0604 advisory. - In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13...

5.7CVSS5.4AI score0.00247EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.13 views

Splunk Enterprise 9.3.0 < 9.3.13, 9.4.0 < 9.4.12, 10.0.0 < 10.0.7, 10.2.0 < 10.2.4 (SVD-2026-0607)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0607 advisory. - In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13...

5.7CVSS5.4AI score0.00198EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.13 views

PT-2026-48494

In Splunk Enterprise versions below 10.2.4, 10.0.7, 9.4.12, and 9.3.13, and Splunk Cloud Platform versions below 10.3.2512.13, 10.2.2510.15, 10.1.2507.23, and 9.3.2411.132, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could craft a malicious classic dashboard that...

5.7CVSS5.5AI score0.00247EPSS
Exploits0References2
Github Security Blog
Github Security Blog
added 2026/05/05 7:32 p.m.13 views

XWiki PlantUML Macro Vulnerable to Server-Side Request Forgery (SSRF) via 'server' parameter

Impact The PlantUML Macro is vulnerable to Server-Side Request Forgery SSRF. The macro allows users to specify an alternative PlantUML server via the server parameter. However, the application does not validate the supplied URL. An attacker can supply an internal IP address or a malicious externa...

4.4CVSS5.9AI score0.00151EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/05 7:32 p.m.4 views

GHSA-42FC-7W97-8VRC XWiki PlantUML Macro Vulnerable to Server-Side Request Forgery (SSRF) via 'server' parameter

Impact The PlantUML Macro is vulnerable to Server-Side Request Forgery SSRF. The macro allows users to specify an alternative PlantUML server via the server parameter. However, the application does not validate the supplied URL. An attacker can supply an internal IP address or a malicious externa...

4.4CVSS5.9AI score0.00151EPSS
Exploits0References5
Rows per page
Query Builder