Filter
-Infinity
0
Trending
SplunkRisky command safeguards bypass via rex search command field names in Splunk Enterprise
8.8
First published (updated )
SplunkRisky command safeguards bypass via ‘tstats command JSON in Splunk Enterprise
8.8
First published (updated )
SplunkRisky command safeguards bypass via Search ID query in Analytics Workspace in Splunk Enterprise
8
First published (updated )
SplunkRemote Code Execution via the Splunk Secure Gateway application Mobile Alerts feature
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SplunkXML External Entity Injection through a custom View in Splunk Enterprise
8.8
First published (updated )
SplunkRemote Code Execution through dashboard PDF generation component in Splunk Enterprise
8.8
First published (updated )
SplunkDenial of Service in Splunk Enterprise through search macros
6.5
First published (updated )
SplunkIndexing blockage via malformed data sent through S2S or HEC protocols in Splunk Enterprise
7.5
First published (updated )
SplunkReflected Cross-Site Scripting via the radio template in Splunk Enterprise
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SplunkPersistent Cross-Site Scripting via a Data Model object name in Splunk Enterprise
8
First published (updated )
SplunkPersistent Cross-Site Scripting in “Save Table” Dialog in Splunk Enterprise
6.4
First published (updated )
Splunk EnterpriseRemote Code Execution through file upload to “$SPLUNK_HOME/var/run/splunk/apptemp“ directory in Splunk Enterprise
8
First published (updated )
Splunk EnterpriseRisky command safeguards bypass in “/services/streams/search“ endpoint through “q“ parameter in Splunk Enterprise
5.7
First published (updated )
Splunk EnterpriseRisky Command Safeguards Bypass in “/app/search/search“ endpoint through “s“ parameter in Splunk Enterprise
5.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SplunkMaintenance mode state change of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise
6.5
First published (updated )
Splunk Cloud PlatformInformation Disclosure through external content warning modal dialog box bypass in Splunk Enterprise Dashboard Studio
4.3
First published (updated )
SplunkSPL Command Safeguards Bypass via the ‘display.page.search.patterns.sensitivity’ Search Parameter in Splunk Enterprise
8.8
First published (updated )
SplunkPermissions Validation Failure in the ‘sendemail’ REST API Endpoint in Splunk Enterprise
4.3
First published (updated )
Splunk‘edit_user’ Capability Privilege Escalation
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Splunk Cloud PlatformSensitive Information Disclosure through SPL commands
7.5
First published (updated )
SplunkPersistent Cross-site Scripting (XSS) in conf-web/settings REST endpoint
8.1
First published (updated )
Splunk EnterpriseRisky command safeguards bypass in “/en-US/app/search/report“ endpoint through “s“ parameter
5.7
First published (updated )
Splunk EnterpriseInformation Disclosure due to Username Collision with a Role that has the same Name as the User
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SplunkSensitive Information Disclosure of Index Metrics through “mrollup” SPL Command
4.6
EPSS
0.04%
First published (updated )
SplunkPersistent Cross-Site Scripting (XSS) via props.conf on Splunk Enterprise
5.4
First published (updated )
SplunkSplunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection Deletion
6.5
EPSS
0.05%
First published (updated )
SplunkImproperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon
7.5
First published (updated )
SplunkPersistent Cross-Site Scripting (XSS) through Scheduled Views on Splunk Enterprise
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.