|
251561
|
4.9 |
MEDIUM
Network
|
splunk
|
splunk
|
In Splunk Enterprise versions below 9.3.1, 9.2.3, and 9.1.6, the software potentially exposes plaintext passwords for local native authentication Splunk users. This exposure could happen when you con…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2024-45739
|
2024-10-17 22:16 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251562
|
5.4 |
MEDIUM
Network
|
splunk
|
splunk
splunk_cloud_platform
|
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malic…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45740
|
2024-10-17 22:14 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251563
|
5.4 |
MEDIUM
Network
|
splunk
|
splunk_cloud_platform
splunk
|
In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the "admin" or "power" Splunk role…
|
CWE-79
Cross-site Scripting
|
CVE-2024-45741
|
2024-10-17 22:12 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251564
|
8.0 |
HIGH
Network
|
splunk
|
splunk
|
In Splunk Enterprise for Windows versions below 9.3.1, 9.2.3, and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could write a file to the Windows system root dir…
|
CWE-22
Path Traversal
|
CVE-2024-45731
|
2024-10-17 22:09 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251565
|
6.5 |
MEDIUM
Network
|
splunk
|
splunk
splunk_cloud_platform
|
In Splunk Enterprise versions below 9.3.1, and 9.2.0 versions below 9.2.3, and Splunk Cloud Platform versions below 9.2.2403.103, 9.1.2312.200, 9.1.2312.110 and 9.1.2308.208, a low-privileged user th…
|
CWE-862
Missing Authorization
|
CVE-2024-45732
|
2024-10-17 22:03 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251566
|
6.5 |
MEDIUM
Network
|
paloaltonetworks
|
expedition
|
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using thos…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2024-9466
|
2024-10-17 15:15 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251567
|
6.5 |
MEDIUM
Network
|
paloaltonetworks
|
expedition
|
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, clear…
|
CWE-78
OS Command
|
CVE-2024-9464
|
2024-10-17 15:15 |
2024-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251568
|
- |
|
-
|
-
|
Multiple Home GateWay/Hikari Denwa routers provided by NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION are vulnerable to insufficient access restrictions for Device Setting pages. If this vulnerabili…
|
-
|
CVE-2024-47044
|
2024-10-17 11:15 |
2024-09-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251569
|
8.8 |
HIGH
Network
|
splunk
|
splunk
|
In Splunk Enterprise for Windows versions below 9.2.3 and 9.1.6, a low-privileged user that does not hold the "admin" or "power" Splunk roles could perform a Remote Code Execution (RCE) due to an ins…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2024-45733
|
2024-10-17 07:26 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
251570
|
4.3 |
MEDIUM
Network
|
splunk
|
splunk
splunk_cloud_platform
|
In Splunk Enterprise versions below 9.2.3 and 9.1.6, and Splunk Secure Gateway versions on Splunk Cloud Platform versions below 3.4.259, 3.6.17, and 3.7.0, a low-privileged user that does not hold th…
|
NVD-CWE-noinfo
|
CVE-2024-45735
|
2024-10-17 07:20 |
2024-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
