Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
splunk splunk 4.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-2502
Multiple directory traversal vulnerabilities in Splunk 4.0 up to and including 4.0.10 and 4.1 up to and including 4.1.1 allow (1) remote malicious users to read arbitrary files, aka SPL-31194; (2) remote authenticated users to modify arbitrary files, aka SPL-31063; or (3) have an...
Splunk Splunk 4.0.7
Splunk Splunk 4.0.10
Splunk Splunk 4.0.9
Splunk Splunk 4.0
Splunk Splunk 4.0.6
Splunk Splunk 4.0.8
Splunk Splunk 4.0.1
Splunk Splunk 4.0.3
Splunk Splunk 4.0.5
Splunk Splunk 4.0.2
Splunk Splunk 4.0.4
Splunk Splunk 4.1
Splunk Splunk 4.1.1
NA
CVE-2010-2503
Multiple cross-site scripting (XSS) vulnerabilities in Splunk 4.0 up to and including 4.0.10 and 4.1 up to and including 4.1.1 allow remote malicious users to inject arbitrary web script or HTML via (1) redirects, aka SPL-31067; (2) unspecified "user->user or user->adm...
Splunk Splunk 4.0.9
Splunk Splunk 4.0
Splunk Splunk 4.0.1
Splunk Splunk 4.0.2
Splunk Splunk 4.0.7
Splunk Splunk 4.0.4
Splunk Splunk 4.0.6
Splunk Splunk 4.0.8
Splunk Splunk 4.0.10
Splunk Splunk 4.0.3
Splunk Splunk 4.0.5
Splunk Splunk 4.1
Splunk Splunk 4.1.1
NA
CVE-2010-2504
Splunk 4.0 up to and including 4.0.10 and 4.1 up to and including 4.1.1 allows remote authenticated users to obtain sensitive information via HTTP header injection, aka SPL-31066.
Splunk Splunk 4.0.1
Splunk Splunk 4.0.2
Splunk Splunk 4.0.3
Splunk Splunk 4.0.4
Splunk Splunk 4.0.8
Splunk Splunk 4.0.10
Splunk Splunk 4.0
Splunk Splunk 4.0.5
Splunk Splunk 4.0.7
Splunk Splunk 4.0.9
Splunk Splunk 4.0.6
Splunk Splunk 4.1.1
Splunk Splunk 4.1
NA
CVE-2010-2429
Cross-site scripting (XSS) vulnerability in Splunk 4.0 up to and including 4.1.2, when Internet Explorer is used, allows remote malicious users to inject arbitrary web script or HTML via the HTTP Referer in a "404 Not Found" response.
Splunk Splunk 4.0.8
Splunk Splunk 4.0.7
Splunk Splunk 4.1.2
Splunk Splunk 4.1.1
Splunk Splunk 4.0.10
Splunk Splunk 4.0.9
Splunk Splunk 4.0.2
Splunk Splunk 4.0.1
Splunk Splunk 4.0.6
Splunk Splunk 4.0.5
Splunk Splunk 4.1
Splunk Splunk 4.0
Splunk Splunk 4.0.11
Splunk Splunk 4.0.4
Splunk Splunk 4.0.3
NA
CVE-2010-3323
Splunk 4.0.0 up to and including 4.1.4 allows remote malicious users to conduct session hijacking attacks and obtain the splunkd session key via vectors related to the SPLUNKD_SESSION_KEY parameter.
Splunk Splunk 4.0
Splunk Splunk 4.0.11
Splunk Splunk 4.1.3
Splunk Splunk 4.1.4
Splunk Splunk 4.1
Splunk Splunk 4.1.2
Splunk Splunk 4.0.8
Splunk Splunk 4.0.10
Splunk Splunk 4.0.2
Splunk Splunk 4.0.3
Splunk Splunk 4.0.4
Splunk Splunk 4.0.5
Splunk Splunk 4.0.6
Splunk Splunk 4.1.1
Splunk Splunk 4.0.1
Splunk Splunk 4.0.7
Splunk Splunk 4.0.9
NA
CVE-2011-4643
Multiple directory traversal vulnerabilities in Splunk 4.x prior to 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP Server, aka SPL-45243.
Splunk Splunk 4.0
Splunk Splunk 4.0.1
Splunk Splunk 4.0.9
Splunk Splunk 4.0.10
Splunk Splunk 4.1.5
Splunk Splunk 4.1.6
Splunk Splunk 4.2.4
Splunk Splunk 4.0.5
Splunk Splunk 4.0.6
Splunk Splunk 4.1.1
Splunk Splunk 4.1.2
Splunk Splunk 4.2
Splunk Splunk 4.2.1
Splunk Splunk 4.0.2
Splunk Splunk 4.0.3
Splunk Splunk 4.0.4
Splunk Splunk 4.0.11
Splunk Splunk 4.1
Splunk Splunk 4.1.7
Splunk Splunk 4.1.8
Splunk Splunk 4.0.7
Splunk Splunk 4.0.8
1 EDB exploit
NA
CVE-2012-1908
Cross-site scripting (XSS) vulnerability in Splunk 4.0 up to and including 4.3 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Splunk Splunk 4.2.5
Splunk Splunk 4.2.4
Splunk Splunk 4.1
Splunk Splunk 4.0.11
Splunk Splunk 4.0.10
Splunk Splunk 4.0.9
Splunk Splunk 4.0.8
Splunk Splunk 4.2.2
Splunk Splunk 4.2
Splunk Splunk 4.1.4
Splunk Splunk 4.1.2
Splunk Splunk 4.0.7
Splunk Splunk 4.0.5
Splunk Splunk 4.1.8
Splunk Splunk 4.1.7
Splunk Splunk 4.1.6
Splunk Splunk 4.1.5
Splunk Splunk 4.0.3
Splunk Splunk 4.0.2
Splunk Splunk 4.0.1
Splunk Splunk 4.0
Splunk Splunk 4.2.3
NA
CVE-2011-4644
Splunk 4.2.5 and previous versions, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote malicious users to (1) read arbitrary files via a management-console se...
Splunk Splunk 4.1.7
Splunk Splunk 4.1.6
Splunk Splunk 4.1.5
Splunk Splunk 4.1.4
Splunk Splunk 4.0.2
Splunk Splunk 4.0.1
Splunk Splunk 4.0
Splunk Splunk 3.4.14
Splunk Splunk 3.3.3
Splunk Splunk 3.3.2
Splunk Splunk 3.3.1
Splunk Splunk 3.3
Splunk Splunk 3.0.2
Splunk Splunk 3.0.1
Splunk Splunk 3.0
Splunk Splunk 2.2.6
Splunk Splunk 2.2.3
Splunk Splunk 4.2.1
Splunk Splunk 4.1.8
Splunk Splunk 4.1.3
Splunk Splunk 4.1.1
Splunk Splunk 4.0.11
1 EDB exploit
NA
CVE-2013-6870
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk prior to 5.0.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Splunk Splunk 5.0.3
Splunk Splunk 5.0.1
Splunk Splunk 4.3.7
Splunk Splunk 5.0
Splunk Splunk
Splunk Splunk 5.0.4
Splunk Splunk 4.2.2
Splunk Splunk 4.2.1
Splunk Splunk 4.2.
Splunk Splunk 4.2
Splunk Splunk 4.0.5
Splunk Splunk 4.0.4
Splunk Splunk 4.0.3
Splunk Splunk 4.0.2
Splunk Splunk 3.4.12
Splunk Splunk 3.4.11
Splunk Splunk 3.4.10
Splunk Splunk 3.4.1
Splunk Splunk 3.4
Splunk Splunk 3.1.4
Splunk Splunk 3.1.3
Splunk Splunk 3.1.2
3.7
CVSSv3
CVE-2020-8284
A malicious server can use the FTP PASV response to trick curl 7.73.0 and previous versions into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing p...
Haxx Curl
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Clustered Data Ontap -
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Hci Storage Node -
Netapp Hci Bootstrap Os -
Apple Mac Os X
Apple Mac Os X 10.14.6
Apple Mac Os X 10.15.7
Apple Macos 11.0.1
Apple Macos 11.1
Apple Macos 11.2
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Communications Billing And Revenue Management 12.0.0.3.0
Oracle Essbase 21.2
Oracle Communications Cloud Native Core Policy 1.14.0
Fujitsu M10-1 Firmware
Fujitsu M10-4 Firmware
2 Github repositories
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgery
CVE-2024-34351
CVE-2024-1076
CVE-2024-25522
CVE-2024-34547
CVE-2024-4644
unauthorized
remote
CVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started