Filter
-Infinity
0

Trending

Last week
Last month
Last year

Palantir GothamGotham table and Forward App Path traversal

medium
6.5
First published (updated )
CVE-2023-30970

Palantir Video-Application-ServerGotham Video Broken Authentication

low
3.7
First published (updated )
CVE-2023-30954

Palantir Orbital SimulatorGotham Orbital Simulator path traversal

critical
9.8
First published (updated )
CVE-2023-30967

Palantir TilesPalantir Tiles missing authentication on API endpoints

high
8.2
First published (updated )
CVE-2023-30969

Palantir GothamPalantir Gotham UI bug that could lead to incorrect data classification

medium
6.5
First published (updated )
CVE-2023-30961

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Palantir Apollo AutopilotStored XSS via javascript URI in Apollo Change Requests comment

medium
5.4
First published (updated )
CVE-2023-30959

Palantir GothamStored XSS in cerberus attachments

medium
6.8
First published (updated )
CVE-2023-30962

Palantir FoundryFoundry Issues reporterPath phishing by parameter injection

medium
5
First published (updated )
CVE-2023-30952

Palantir FoundryThe foundry campaigns service was found to be vulnerable to an unauthenticated information disclosur…

medium
6.5
First published (updated )
CVE-2023-30950

Palantir MagritteXEE

medium
6.5
First published (updated )
CVE-2023-30951

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Palantir SlateA missing origin validation in Slate sandbox could be exploited by a malicious user to modify the pa…

medium
5.3
First published (updated )
CVE-2023-30949

Palantir FoundryIDOR in Foundry Comments allows retrieval of attachments

medium
5.3
First published (updated )
CVE-2023-30956

Palantir FoundryInsecure Direct Object Reference (IDOR) in Foundry job-tracker

medium
4.3
First published (updated )
CVE-2023-30960

Palantir Foundry FrontendStored XSS in Foundry Slate Query Dropdown menu

medium
5.4
First published (updated )
CVE-2023-30963

Palantir Foundry FrontendDenial of Service in Foundry Issues

high
7.7
First published (updated )
CVE-2023-22835

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Palantir FoundryIssues notification metadata lacks authorization

medium
4.3
First published (updated )
CVE-2023-30946

Palantir FoundryFoundry workspace-server Developer Mode Authorization Bypass

medium
5.4
First published (updated )
CVE-2023-30955

Palantir ContourThe contour service was not checking that users had permission to create an analysis for a given dataset

medium
4.3
First published (updated )
CVE-2023-22834

Palantir Clips2Path Traversal, Input Validation

critical
9.8
First published (updated )
CVE-2023-30945

Palantir FoundryMandatory control bypass in Lime2

high
7.6
First published (updated )
CVE-2023-22833

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Palantir FoundryRetrieval of Attachments to Comments lacks Authorization

medium
6.5
First published (updated )
CVE-2023-30948

Palantir GothamPalantir Gotham included an unauthenticated endpoint that listed all active usernames in the platform with an active session.

medium
5.3
First published (updated )
CVE-2022-27891

Palantir GothamGotham Chat IRC help does not validate hostnames in TLS certificates

medium
6.8
First published (updated )
CVE-2022-48306

Palantir GothamPalantir Gotham included an endpoint that would log arbitrary sized zip files.

high
7.5
First published (updated )
CVE-2022-27897

Palantir AtlasDBIt was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misu…

high
7.4
First published (updated )
CVE-2022-27890

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Palantir GothamPalantir Gotham included an endpoint that would log arbitrary sized payloads.

high
7.5
First published (updated )
CVE-2022-27892

Palantir Magritte-ftpIt was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a mis…

medium
6.3
First published (updated )
CVE-2022-48307

Palantir Sls-loggingIt was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misu…

medium
6.3
First published (updated )
CVE-2022-48308

Palantir FoundryA component in Foundry logging was found to be capturing sensitive information in logs.

high
7.5
First published (updated )
CVE-2022-27895

Palantir FoundryThe Foundry Code-Workbooks service was found to contain an issue leading to information disclosure.

high
7.5
First published (updated )
CVE-2022-27896

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203