Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
splunk splunk vulnerabilities and exploits
(subscribe to this query)
6
CVSSv2
CVE-2010-3322
The XML parser in Splunk 4.0.0 up to and including 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors.
Splunk Splunk
6
CVSSv2
CVE-2010-2504
Splunk 4.0 up to and including 4.0.10 and 4.1 up to and including 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066.
Splunk Splunk 4.0.4
Splunk Splunk 4.0.6
Splunk Splunk 4.0
Splunk Splunk 4.0.3
Splunk Splunk 4.0.8
Splunk Splunk 4.0.5
Splunk Splunk 4.0.9
Splunk Splunk 4.0.10
Splunk Splunk 4.0.1
Splunk Splunk 4.0.7
Splunk Splunk 4.0.2
Splunk Splunk 4.1.1
Splunk Splunk 4.1
5.8
CVSSv2
CVE-2022-27778
A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.
Haxx Curl 7.83.0
Netapp Snapcenter -
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Clustered Data Ontap -
Netapp Solidfire & Hci Management Node -
Netapp Active Iq Unified Manager -
Netapp H300s Firmware -
Netapp Bh500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Netapp Hci Compute Node Firmware -
Oracle Mysql Server
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
5.8
CVSSv2
CVE-2021-22945
When sending data to an MQTT server, libcurl <= 7.73.0 and 7.78.0 could in some circumstances erroneously keep a pointer to an already freed memory area and both use that again in a subsequent call to send data and also free it *again*.
Haxx Libcurl
Fedoraproject Fedora 33
Fedoraproject Fedora 35
Netapp Cloud Backup -
Netapp Clustered Data Ontap -
Oracle Mysql Server
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H300e Firmware -
Netapp H500e Firmware -
Netapp H700e Firmware -
Netapp H410s Firmware -
Netapp Solidfire Baseboard Management Controller Firmware -
Apple Macos
Siemens Sinec Ins
Debian Debian Linux 11.0
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
1 Github repository
5.8
CVSSv2
CVE-2016-4857
Open redirect vulnerability in Splunk Enterprise 6.4.x before 6.4.2, Splunk Enterprise 6.3.x before 6.3.6, Splunk Enterprise 6.2.x before 6.2.11 and Splunk Light before 6.4.2 allows to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
Splunk Splunk 6.2.9
Splunk Splunk 6.2.6
Splunk Splunk 6.3.4
Splunk Splunk 6.2.3
Splunk Splunk 6.2.1
Splunk Splunk 6.3.5
Splunk Splunk 6.4.1
Splunk Splunk 6.4.0
Splunk Splunk 6.3.0
Splunk Splunk 6.2.10
Splunk Splunk 6.2.7
Splunk Splunk 6.3.3
Splunk Splunk 6.2.0
Splunk Splunk 6.2.4
Splunk Splunk 6.2.8
Splunk Splunk 6.2.2
Splunk Splunk 6.2.5
Splunk Splunk
Splunk Splunk 6.3.1
Splunk Splunk 6.3.2
5.8
CVSSv2
CVE-2016-4859
Open redirect vulnerability in Splunk Enterprise 6.4.x before 6.4.3, Splunk Enterprise 6.3.x before 6.3.6, Splunk Enterprise 6.2.x before 6.2.10, Splunk Enterprise 6.1.x before 6.1.11, Splunk Enterprise 6.0.x before 6.0.12, Splunk Enterprise 5.0.x before 5.0.16 and Splunk Light b...
Splunk Splunk 5.0.15
Splunk Splunk 6.2.9
Splunk Splunk 6.1.8
Splunk Splunk 5.0.0
Splunk Splunk 6.2.6
Splunk Splunk 5.0.14
Splunk Splunk 6.3.4
Splunk Splunk 6.1.2
Splunk Splunk 6.1.5
Splunk Splunk 6.1.4
Splunk Splunk 6.1.10
Splunk Splunk 6.1.6
Splunk Splunk 6.2.3
Splunk Splunk 6.2.1
Splunk Splunk 6.3.5
Splunk Splunk 6.0.2
Splunk Splunk 6.1.7
Splunk Splunk 6.0.1
Splunk Splunk 6.0.7
Splunk Splunk 6.4.1
Splunk Splunk 5.0.12
Splunk Splunk 5.0.4
5.5
CVSSv2
CVE-2022-22576
An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer. This affects SASL...
Haxx Curl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Netapp Clustered Data Ontap -
Netapp Solidfire & Hci Management Node -
Netapp Solidfire & Hci Storage Node -
Brocade Fabric Operating System -
Netapp Bootstrap Os -
Netapp H300s Firmware -
Netapp H500s Firmware -
Netapp H700s Firmware -
Netapp H410s Firmware -
Splunk Universal Forwarder 9.1.0
Splunk Universal Forwarder
5.1
CVSSv2
CVE-2022-26889
In Splunk Enterprise versions prior to 8.1.2, the uri path to load a relative resource within a web page is vulnerable to path traversal. It allows an malicious user to potentially inject arbitrary content into the web page (e.g., HTML Injection, XSS) or bypass SPL safeguards for...
Splunk Splunk
5
CVSSv2
CVE-2022-32155
In universal forwarder versions prior to 9.0, management services are available remotely by default. When not required, it introduces a potential exposure, but it is not a vulnerability. If exposed, we recommend each customer assess the potential severity specific to your environ...
Splunk Splunk
Splunk Splunk Cloud Platform
5
CVSSv2
CVE-2022-32157
Splunk Enterprise deployment servers in versions prior to 9.0 allow unauthenticated downloading of forwarder bundles. Remediation requires you to update the deployment server to version 9.0 and Configure authentication for deployment servers and clients (https://docs.splunk.com/D...
Splunk Splunk
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »