Filter
AND
Versions
Splunk SplunkRemote Code Execution (RCE) due to insecure session storage configuration in Splunk Enterprise on Windows
8.8
First published (updated )
Splunk Splunk Cloud PlatformLow-privileged user could run search as nobody in SplunkDeploymentServerConfig app
7.1
First published (updated )
Splunk SplunkPotential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk
8
First published (updated )
Splunk SplunkDenial of Service through null pointer reference in “cluster/config” REST endpoint
7.5
First published (updated )
Splunk SplunkPath Traversal on the “/modules/messaging/“ endpoint in Splunk Enterprise on Windows
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Splunk SplunkLow-privileged user could create notifications in Splunk Web Bulletin Messages
7.1
First published (updated )
Splunk SplunkSplunk Authentication Token Exposure in Debug Log in Splunk Enterprise
7.2
EPSS
0.04%
First published (updated )
Splunk SplunkRisky command safeguards bypass in Dashboard Examples Hub
8.1
EPSS
0.04%
First published (updated )
Splunk SplunkDeserialization of Untrusted Data on Splunk Enterprise for Windows through Path Traversal from Separate Disk Partition
8.8
EPSS
0.05%
First published (updated )
Splunk SplunkRemote code execution (RCE) in Splunk Enterprise through Insecure XML Parsing
8.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Splunk SplunkAbsolute Path Traversal in Splunk Enterprise Using runshellscript.py
8.8
First published (updated )
Splunk SplunkSplunk Enterprise on Windows Privilege Escalation due to Insecure OPENSSLDIR Build Definition Reference in DLL
8.8
First published (updated )
Splunk SplunkDenial of Service (DoS) in Splunk Enterprise Using a Malformed SAML Request
7.5
First published (updated )
Splunk SplunkDenial of Service (DoS) via the ‘printf’ Search Function
7.5
First published (updated )
Splunk SplunkReflected Cross-site Scripting (XSS) on "/app/search/table" web endpoint
8.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Splunk SplunkCommand Injection in Splunk Enterprise Using External Lookups
8.8
First published (updated )
Splunk Splunk‘edit_user’ Capability Privilege Escalation
First published (updated )
Splunk SplunkUnauthenticated Log Injection in Splunk Enterprise
8.6
First published (updated )
Splunk SplunkPath Traversal in Splunk App for Lookup File Editing
8.1
First published (updated )
Splunk SplunkDenial Of Service due to Untrusted XML Tag in XML Parser within SAML Authentication
7.7
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Splunk SplunkHTTP Response Splitting via the ‘rest’ SPL Command
8.8
First published (updated )
Splunk SplunkSPL Command Safeguards Bypass via the ‘map’ SPL Command in Splunk Enterprise
8.8
First published (updated )
Splunk SplunkPersistent Cross-Site Scripting through the ‘module’ Tag in a View in Splunk Enterprise
8
First published (updated )
Splunk SplunkPersistent Cross-Site Scripting through a Base64-encoded Image in a View in Splunk Enterprise
8.7
First published (updated )
Splunk SplunkImproperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Splunk SplunkSPL Command Safeguards Bypass via the ‘display.page.search.patterns.sensitivity’ Search Parameter in Splunk Enterprise
8.8
First published (updated )
Splunk SplunkSPL Command Safeguards Bypass via the ‘pivot’ SPL Command in Splunk Enterprise
8
First published (updated )
Splunk SplunkIndexing blockage via malformed data sent through S2S or HEC protocols in Splunk Enterprise
7.5
First published (updated )
Splunk SplunkXML External Entity Injection through a custom View in Splunk Enterprise
8.8
First published (updated )
Splunk SplunkPersistent Cross-Site Scripting via a Data Model object name in Splunk Enterprise
8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.