Filter
AND
-Infinity
0
Trending
Software
Splunk EnterpriseRisky command safeguards bypass in “/services/streams/search“ endpoint through “q“ parameter in Splunk Enterprise
5.7
First published (updated )
Splunk EnterpriseRisky Command Safeguards Bypass in “/app/search/search“ endpoint through “s“ parameter in Splunk Enterprise
5.7
First published (updated )
SplunkMaintenance mode state change of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF) in Splunk Enterprise
6.5
First published (updated )
Splunk Cloud PlatformInformation Disclosure through external content warning modal dialog box bypass in Splunk Enterprise Dashboard Studio
4.3
First published (updated )
Splunk EnterpriseMissing Access Control and Incorrect Ownership of Data in App Key Value Store (KVStore) collections in the Splunk Secure Gateway App
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SplunkPermissions Validation Failure in the ‘sendemail’ REST API Endpoint in Splunk Enterprise
4.3
First published (updated )
Splunk EnterpriseRisky command safeguards bypass in “/en-US/app/search/report“ endpoint through “s“ parameter
5.7
First published (updated )
Splunk EnterpriseInformation Disclosure due to Username Collision with a Role that has the same Name as the User
4.3
First published (updated )
Splunk Universal ForwardercURL libcurl could allow a local attacker to bypass security restrictions, caused by a SSH connectio…
5.5
First published (updated )
Splunk Universal ForwardercURL libcurl could allow a remote attacker to bypass security restrictions, caused by a GSS delegati…
5.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SplunkSensitive Information Disclosure of Index Metrics through “mrollup” SPL Command
4.6
EPSS
0.04%
First published (updated )
SplunkPersistent Cross-Site Scripting (XSS) via props.conf on Splunk Enterprise
5.4
First published (updated )
SplunkSplunk App Key Value Store (KV Store) Improper Handling of Permissions Leads to KV Store Collection Deletion
6.5
EPSS
0.05%
First published (updated )
SplunkPersistent Cross-Site Scripting (XSS) through Scheduled Views on Splunk Enterprise
5.4
First published (updated )
Splunk App for SOARPrivilege escalation for users who hold the “splunk_app_soar“ role in the Splunk App for SOAR
6.4
EPSS
0.04%
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Splunk App for Lookup File EditingSelf Cross-Site Scripting (XSS) on Splunk App for Lookup File Editing
6.1
First published (updated )
Splunk Cloud PlatformServer Response Disclosure in RapidDiag Salesforce.com Log File
5.3
EPSS
0.05%
First published (updated )
SplunkLow-privileged user could create experimental items
5.4
First published (updated )
SplunkRisky command safeguards bypass through Search ID query in Analytics Workspace
6.3
First published (updated )
SplunkImproperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon
6.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SplunkPersistent Cross-site Scripting (XSS) in Dashboard Elements
5.4
First published (updated )
SplunkMaintenance mode state change of App Key Value Store (KVStore) through Cross-Site Request Forgery (CSRF)
4.3
First published (updated )
SplunkImproper Access Control for low-privileged user in Splunk Secure Gateway App
4.3
First published (updated )
SplunkSensitive information disclosure in AdminManager logging channel
4.9
First published (updated )
SplunkLow-privileged User can View Hashed Default Splunk Password
4.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SplunkRole-based Access Control (RBAC) Bypass on '/services/indexing/preview' REST Endpoint Can Overwrite Search Results
4.3
First published (updated )
SplunkPersistent Cross-Site Scripting (XSS) through a URL Validation Bypass within a Dashboard View
5.4
First published (updated )
SplunkInformation Disclosure via the ‘copyresults’ SPL Command
5.3
First published (updated )
SplunkPersistent Cross-site Scripting (XSS) in Dashboard Elements
5.4
First published (updated )
Splunk Add-on BuilderModular Input REST API Requests Connect via HTTP after Certificate Validation Failure in Splunk Add-on Builder and Splunk CloudConnect SDK
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.