Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
splunk splunk 4.1.2 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2010-2429
Cross-site scripting (XSS) vulnerability in Splunk 4.0 up to and including 4.1.2, when Internet Explorer is used, allows remote malicious users to inject arbitrary web script or HTML via the HTTP Referer in a "404 Not Found" response.
Splunk Splunk 4.0.8
Splunk Splunk 4.0.7
Splunk Splunk 4.1.2
Splunk Splunk 4.1.1
Splunk Splunk 4.0.10
Splunk Splunk 4.0.9
Splunk Splunk 4.0.2
Splunk Splunk 4.0.1
Splunk Splunk 4.0.6
Splunk Splunk 4.0.5
Splunk Splunk 4.1
Splunk Splunk 4.0
Splunk Splunk 4.0.11
Splunk Splunk 4.0.4
Splunk Splunk 4.0.3
409
VMScore
CVE-2010-3323
Splunk 4.0.0 up to and including 4.1.4 allows remote malicious users to conduct session hijacking attacks and obtain the splunkd session key via vectors related to the SPLUNKD_SESSION_KEY parameter.
Splunk Splunk 4.0
Splunk Splunk 4.0.11
Splunk Splunk 4.1.3
Splunk Splunk 4.1.4
Splunk Splunk 4.1
Splunk Splunk 4.1.2
Splunk Splunk 4.0.8
Splunk Splunk 4.0.10
Splunk Splunk 4.0.2
Splunk Splunk 4.0.3
Splunk Splunk 4.0.4
Splunk Splunk 4.0.5
Splunk Splunk 4.0.6
Splunk Splunk 4.1.1
Splunk Splunk 4.0.1
Splunk Splunk 4.0.7
Splunk Splunk 4.0.9
405
VMScore
CVE-2011-4643
Multiple directory traversal vulnerabilities in Splunk 4.x prior to 4.2.5 allow remote authenticated users to read arbitrary files via a .. (dot dot) in a URI to (1) Splunk Web or (2) the Splunkd HTTP Server, aka SPL-45243.
Splunk Splunk 4.0
Splunk Splunk 4.0.1
Splunk Splunk 4.0.9
Splunk Splunk 4.0.10
Splunk Splunk 4.1.5
Splunk Splunk 4.1.6
Splunk Splunk 4.2.4
Splunk Splunk 4.0.5
Splunk Splunk 4.0.6
Splunk Splunk 4.1.1
Splunk Splunk 4.1.2
Splunk Splunk 4.2
Splunk Splunk 4.2.1
Splunk Splunk 4.0.2
Splunk Splunk 4.0.3
Splunk Splunk 4.0.4
Splunk Splunk 4.0.11
Splunk Splunk 4.1
Splunk Splunk 4.1.7
Splunk Splunk 4.1.8
Splunk Splunk 4.0.7
Splunk Splunk 4.0.8
1 EDB exploit
383
VMScore
CVE-2012-1908
Cross-site scripting (XSS) vulnerability in Splunk 4.0 up to and including 4.3 allows remote malicious users to inject arbitrary web script or HTML via unknown vectors.
Splunk Splunk 4.2.5
Splunk Splunk 4.2.4
Splunk Splunk 4.1
Splunk Splunk 4.0.11
Splunk Splunk 4.0.10
Splunk Splunk 4.0.9
Splunk Splunk 4.0.8
Splunk Splunk 4.2.2
Splunk Splunk 4.2
Splunk Splunk 4.1.4
Splunk Splunk 4.1.2
Splunk Splunk 4.0.7
Splunk Splunk 4.0.5
Splunk Splunk 4.1.8
Splunk Splunk 4.1.7
Splunk Splunk 4.1.6
Splunk Splunk 4.1.5
Splunk Splunk 4.0.3
Splunk Splunk 4.0.2
Splunk Splunk 4.0.1
Splunk Splunk 4.0
Splunk Splunk 4.2.3
935
VMScore
CVE-2011-4644
Splunk 4.2.5 and previous versions, when a Free license is selected, enables potentially undesirable functionality within an environment that intentionally does not support authentication, which allows remote malicious users to (1) read arbitrary files via a management-console se...
Splunk Splunk 4.1.7
Splunk Splunk 4.1.6
Splunk Splunk 4.1.5
Splunk Splunk 4.1.4
Splunk Splunk 4.0.2
Splunk Splunk 4.0.1
Splunk Splunk 4.0
Splunk Splunk 3.4.14
Splunk Splunk 3.3.3
Splunk Splunk 3.3.2
Splunk Splunk 3.3.1
Splunk Splunk 3.3
Splunk Splunk 3.0.2
Splunk Splunk 3.0.1
Splunk Splunk 3.0
Splunk Splunk 2.2.6
Splunk Splunk 2.2.3
Splunk Splunk 4.2.1
Splunk Splunk 4.1.8
Splunk Splunk 4.1.3
Splunk Splunk 4.1.1
Splunk Splunk 4.0.11
1 EDB exploit
383
VMScore
CVE-2013-6870
Cross-site scripting (XSS) vulnerability in Splunk Web in Splunk prior to 5.0.6 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Splunk Splunk 5.0.3
Splunk Splunk 5.0.1
Splunk Splunk 4.3.7
Splunk Splunk 5.0
Splunk Splunk
Splunk Splunk 5.0.4
Splunk Splunk 4.2.2
Splunk Splunk 4.2.1
Splunk Splunk 4.2.
Splunk Splunk 4.2
Splunk Splunk 4.0.5
Splunk Splunk 4.0.4
Splunk Splunk 4.0.3
Splunk Splunk 4.0.2
Splunk Splunk 3.4.12
Splunk Splunk 3.4.11
Splunk Splunk 3.4.10
Splunk Splunk 3.4.1
Splunk Splunk 3.4
Splunk Splunk 3.1.4
Splunk Splunk 3.1.3
Splunk Splunk 3.1.2
NA
CVE-2023-22943
In Splunk Add-on Builder (AoB) versions below 4.1.2 and the Splunk CloudConnect SDK versions below 3.1.3, requests to third-party APIs through the REST API Modular Input incorrectly revert to using HTTP to connect after a failure to connect over HTTPS occurs.
Splunk Cloudconnect Software Development Kit
Splunk Add-on Builder
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started