Filters
Splunk SplunkSensitive information disclosure in AdminManager logging channel
4.9
First published (updated )
Splunk SplunkSensitive information disclosure in REST_Calls logging channel
4.9
First published (updated )
Splunk SplunkMaintenance mode state change of App Key Value Store (KVStore) through Cross-Site Request Forgery (CSRF)
4.3
First published (updated )
Splunk SplunkRemote Code Execution (RCE) due to insecure session storage configuration in Splunk Enterprise on Windows
8.8
First published (updated )
Splunk Splunk Cloud PlatformLow-privileged user could run search as nobody in SplunkDeploymentServerConfig app
7.1
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Splunk SplunkImproperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon
6.5
First published (updated )
Splunk SplunkPersistent Cross-Site Scripting (XSS) via props.conf on Splunk Enterprise
5.4
First published (updated )
Splunk SplunkLow Privilege User can View Images on the Host Machine by using the PDF Export feature in Splunk Classic Dashboard
4.3
First published (updated )
Splunk SplunkPersistent Cross-Site Scripting (XSS) through Scheduled Views on Splunk Enterprise
5.4
First published (updated )
Splunk SplunkPotential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate disk
8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Splunk SplunkImproper Access Control for low-privileged user in Splunk Secure Gateway App
4.3
First published (updated )
Splunk SplunkPersistent Cross-site Scripting (XSS) in Web Bulletin
5.4
First published (updated )
Splunk SplunkLow-privileged user could create experimental items
5.4
First published (updated )
Splunk SplunkDenial of Service through null pointer reference in “cluster/config” REST endpoint
7.5
First published (updated )
Splunk SplunkPath Traversal on the “/modules/messaging/“ endpoint in Splunk Enterprise on Windows
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Splunk SplunkDenial of Service (DoS) on the datamodel/web REST endpoint
6.5
First published (updated )
Splunk SplunkPersistent Cross-site Scripting (XSS) in Dashboard Elements
5.4
First published (updated )
Splunk SplunkRisky command safeguards bypass through Search ID query in Analytics Workspace
6.3
First published (updated )
Splunk SplunkPersistent Cross-site Scripting (XSS) in Dashboard Elements
5.4
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Splunk SplunkLow-privileged user could create notifications in Splunk Web Bulletin Messages
7.1
First published (updated )
Splunk SplunkInsecure File Upload in the indexing/preview REST endpoint
6.5
First published (updated )
Splunk SplunkSplunk Authentication Token Exposure in Debug Log in Splunk Enterprise
7.2
EPSS
0.04%
First published (updated )
Splunk SplunkRisky command safeguards bypass in Dashboard Examples Hub
8.1
EPSS
0.04%
First published (updated )