Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
splunk universal forwarder 9.1.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2019-20838
libpcre in PCRE prior to 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454.
Pcre Pcre
Apple Macos
Splunk Universal Forwarder
Splunk Universal Forwarder 9.1.0
5.9
CVSSv3
CVE-2022-43552
A use after free vulnerability exists in curl <7.87.0. Curl can be asked to *tunnel* virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl...
Haxx Curl
Apple Macos
Splunk Universal Forwarder
Splunk Universal Forwarder 9.1.0
7.5
CVSSv3
CVE-2019-20454
An out-of-bounds read exists in PCRE prior to 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an malicious user to crash t...
Pcre Pcre2
Fedoraproject Fedora 31
Splunk Universal Forwarder
Splunk Universal Forwarder 9.1.0
7.5
CVSSv3
CVE-2022-35737
SQLite 1.0.12 up to and including 3.39.x prior to 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.
Sqlite Sqlite
Netapp Ontap Select Deploy Administration Utility -
Splunk Universal Forwarder
Splunk Universal Forwarder 9.1.0
1 Github repository
1 Article
9.8
CVSSv3
CVE-2022-36227
In libarchive prior to 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties di...
Libarchive Libarchive
Debian Debian Linux 10.0
Fedoraproject Fedora 37
Splunk Universal Forwarder
Splunk Universal Forwarder 9.1.0
7.5
CVSSv3
CVE-2022-27782
libcurl would reuse a previously created connection even when a TLS or SSHrelated option had been changed that should have prohibited reuse.libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse if one of them matches the setup. However, s...
Haxx Curl
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Splunk Universal Forwarder
Splunk Universal Forwarder 9.1.0
8.8
CVSSv3
CVE-2021-30560
Use after free in Blink XSLT in Google Chrome before 91.0.4472.164 allowed a remote malicious user to potentially exploit heap corruption via a crafted HTML page.
Google Chrome
Xmlsoft Libxslt
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Splunk Universal Forwarder
Splunk Universal Forwarder 9.1.0
7.5
CVSSv3
CVE-2022-42916
In curl prior to 7.86.0, the HSTS check could be bypassed to trick it into staying with HTTP. Using its HSTS support, curl can be instructed to use HTTPS directly (instead of using an insecure cleartext HTTP step) even when HTTP is provided in the URL. This mechanism could be byp...
Haxx Curl
Fedoraproject Fedora 35
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Apple Macos
Splunk Universal Forwarder
Splunk Universal Forwarder 9.1.0
6.5
CVSSv3
CVE-2021-36976
libarchive 3.4.1 up to and including 3.5.1 has a use-after-free in copy_string (called from do_uncompress_block and process_block).
Libarchive Libarchive
Fedoraproject Fedora 35
Apple Ipados
Apple Iphone Os
Apple Macos
Apple Watchos
Splunk Universal Forwarder
Splunk Universal Forwarder 9.1.0
7.5
CVSSv3
CVE-2020-8169
curl 7.62.0 up to and including 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s).
Haxx Curl
Siemens Simatic Tim 1531 Irc Firmware
Debian Debian Linux 10.0
Siemens Sinec Infrastructure Network Services
Splunk Universal Forwarder
Splunk Universal Forwarder 9.1.0
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SQL injection
CVE-2024-52320
SQL
logic flaw
CVE-2024-6387
CVE-2024-11457
CVE-2024-11329
CVE-2024-50404
CVE-2023-48788
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »