CVE-2024-37979
Description: Windows Kernel Elevation of Privilege Vulnerability
CVSS: MEDIUM (6.7) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)

CVE-2024-37976
Description: Windows Resume Extensible Firmware Interface Security Feature Bypass Vulnerability
CVSS: MEDIUM (6.7) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)

CVE-2024-36997
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312, an admin user could store and execute arbitrary JavaScript code in the browser context of another Splunk user through the conf-web/settings REST endpoint. This could potentially cause a persistent cross-site scripting (XSS) exploit.
CVSS: MEDIUM (4.6) EPSS Score: 0.04%
December 11th, 2024 (4 months ago)

CVE-2024-36996
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109, an attacker could determine whether or not another user exists on the instance by deciphering the error response that they would likely receive from the instance when they attempt to log in. This disclosure could then lead to additional brute-force password-guessing attacks. This vulnerability would require that the Splunk platform instance uses the Security Assertion Markup Language (SAML) authentication scheme.
CVSS: MEDIUM (5.3) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)

CVE-2024-36995
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could create experimental items.
CVSS: MEDIUM (4.3) EPSS Score: 0.04%
December 11th, 2024 (4 months ago)

CVE-2024-36994
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View and Splunk Web Bulletin Messages that could result in execution of unauthorized JavaScript code in the browser of a user.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
December 11th, 2024 (4 months ago)

CVE-2024-36993
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through Splunk Web Bulletin Messages that could result in execution of unauthorized JavaScript code in the browser of a user.
CVSS: MEDIUM (5.4) EPSS Score: 0.04%
December 11th, 2024 (4 months ago)

CVE-2024-36992
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.207, a low-privileged user that does not hold the admin or power Splunk roles could craft a malicious payload through a View that could result in execution of unauthorized JavaScript code in the browser of a user. The “url” parameter of the Dashboard element does not have proper input validation to reject invalid URLs, which could lead to a Persistent Cross-site Scripting (XSS) exploit.
CVSS: MEDIUM (5.4) EPSS Score: 0.05%
December 11th, 2024 (4 months ago)

CVE-2024-36990
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.2.2403.100, an authenticated, low-privileged user that does not hold the admin or power Splunk roles could send a specially crafted HTTP POST request to the datamodel/web REST endpoint in Splunk Enterprise, potentially causing a denial of service.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 11th, 2024 (4 months ago)

CVE-2024-36989
Description: In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileged user that does not hold the admin or power Splunk roles could create notifications in Splunk Web Bulletin Messages that all users on the instance receive.
CVSS: MEDIUM (6.5) EPSS Score: 0.04%
December 11th, 2024 (4 months ago)