Filter
-Infinity
0

SplunkSplunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.…

First published (updated )

SplunkSplunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x…

First published (updated )

SplunkSplunk Enterprise deployment servers allow client publishing of forwarder bundles

First published (updated )

Splunk App For StreamLocal Privilege Escalation via the ‘streamfwd’ program in Splunk App for Stream

First published (updated )

SplunkRemote Code Execution via Serialized Session Payload

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

F5 BIG-IP and BIG-IQ Centralized ManagementNull Pointer Dereference

First published (updated )

Splunk Universal ForwarderInteger Overflow

First published (updated )

redhat/curlInfoleak

First published (updated )

Splunk Universal ForwarderInput Validation

First published (updated )

SplunkIngest Actions UI in Splunk Enterprise 9.0.0 disabled TLS certificate validation

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

SplunkPath Traversal

First published (updated )

SplunkSplunk 4.2.5 and earlier, when a Free license is selected, enables potentially undesirable functiona…

First published (updated )

Splunk Universal ForwarderDouble Free

First published (updated )

Splunk Universal ForwarderUsing its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text …

First published (updated )

SplunkSplunk Enterprise disabled TLS validation using the CA certificate stores in Python 3 libraries by default

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

SplunkCode Injection

First published (updated )

SplunkSplunk Enterprise on Windows Privilege Escalation due to Insecure OPENSSLDIR Build Definition Reference in DLL

8.8
First published (updated )

SplunkCommand Injection in Splunk Enterprise Using External Lookups

8.8
First published (updated )

SplunkDeserialization of Untrusted Data on Splunk Enterprise for Windows through Path Traversal from Separate Disk Partition

8.8
EPSS
0.05%
First published (updated )

Splunk Add-on BuilderSession Token Disclosure to Internal Log Files in Splunk Add-on Builder

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

SplunkCommand Injection using External Lookups

8.8
First published (updated )

SplunkRemote Code Execution through Serialized Session Payload in Splunk Enterprise on Windows

8.8
First published (updated )

Splunk EnterpriseRemote Code Execution (RCE) through an external lookup due to “copybuckets.py“ script in the “splunk_archiver“ application in Splunk Enterprise

8.8
First published (updated )

SplunkRemote Code Execution (RCE) due to insecure session storage configuration in Splunk Enterprise on Windows

8.8
First published (updated )

Splunk EnterpriseRemote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway app

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

SplunkHTTP Response Splitting via the ‘rest’ SPL Command

8.8
First published (updated )

Splunk‘edit_user’ Capability Privilege Escalation

First published (updated )

SplunkXEE

8.8
First published (updated )

Splunk Hadoop ConnectPath Traversal

8.8
First published (updated )

Splunk Universal ForwarderUse after free in Blink XSLT

8.8
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203