splunk
284 tracked vulnerabilities.
CVE-2020-8286
HIGH
libcurl 7.41.0-7.73.0 - Improper Certificate Validation via OCSP Response
Dec 14, 2020
CVSS 7.5
EPSS 0.05
CVE-2020-8285
HIGH
libcurl 7.21.0-7.73.0 - Uncontrolled Recursion via FTP Wildcard Match Parsing
Dec 14, 2020
CVSS 7.5
EPSS 0.10
CVE-2020-8284
LOW
curl < 7.73.0 - Exposure of Sensitive Information via FTP PASV Response
Dec 14, 2020
CVSS 3.7
EPSS 0.04
CVE-2020-8231
HIGH
libcurl 7.29.0-7.71.1 - Use-After-Free via Dangling Pointer
Dec 14, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-8177
HIGH
curl 7.20.0-7.70.0 - Arbitrary File Overwrite via -J Flag
Dec 14, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-8169
HIGH
curl 7.62.0-7.70.0 - Information Disclosure via Password Leak
Dec 14, 2020
CVSS 7.5
EPSS 0.03
CVE-2020-14155
MEDIUM
PCRE < 8.44 - Integer Overflow via Large Number After (?C Substring
Jun 15, 2020
CVSS 5.3
EPSS 0.04
CVE-2019-20838
HIGH
PCRE < 8.43 - Out-of-bounds Read in JIT with UTF Disabled
Jun 15, 2020
CVSS 7.5
EPSS 0.03
CVE-2019-20454
HIGH
PCRE2 10.31-10.33 - Out-of-bounds Read via \X Pattern in Non-UTF Mode
Feb 14, 2020
CVSS 7.5
EPSS 0.02
CVE-2019-3800
MEDIUM
Cloud Foundry Command Line Interface < 6.45.0 - Insufficiently Protected Credentials in Config File
Aug 05, 2019
CVSS 6.3
EPSS 0.02
CVE-2019-5729
HIGH
Splunk-SDK-Python < 1.6.6 - Improper Certificate Validation
Mar 21, 2019
CVSS 8.1
EPSS 0.01
CVE-2019-5727
MEDIUM
Splunk Enterprise 6.0.0-6.5.4 & Splunk Light <6.6.0 - Stored XSS
Feb 21, 2019
CVSS 5.4
EPSS 0.01
CVE-2018-7432
HIGH
Splunk < 6.6.0 - Improper Input Validation
Oct 23, 2018
CVSS 7.5
EPSS 0.02
CVE-2018-7431
MEDIUM
Splunk Enterprise 6.0.0-6.5.2 & Light <6.6.0 Authenticated Path Traversal
Oct 23, 2018
CVSS 6.5
EPSS 0.02
CVE-2018-7429
HIGH
Splunk Enterprise 6.2.0-6.2.13, 6.3.0-6.3.10, 6.4.0-6.4.7 & Light <6.5.0 DoS via Malformed HTTP Request
Oct 23, 2018
CVSS 7.5
EPSS 0.02
CVE-2018-7427
MEDIUM
Splunk Enterprise 6.0.0-6.5.2 & Splunk Light <6.6.0 XSS
Oct 23, 2018
CVSS 6.1
EPSS 0.01
CVE-2018-11409
MEDIUM
NUCLEI
Splunk < 7.0.1 - Unauthenticated Information Disclosure via Server Info Endpoint
Jun 08, 2018
CVSS 5.3
EPSS 0.98
CVE-2017-18348
HIGH
Splunk 6.6.0-6.6.10 - Privilege Escalation via splunk-launch.conf Modification
Oct 19, 2018
CVSS 7.0
EPSS 0.00
CVE-2017-17067
CRITICAL
Splunk 6.3.0-6.3.11 - Incorrect Authorization via SAML Authentication Bypass
Nov 30, 2017
CVSS 9.8
EPSS 0.03
CVE-2017-12572
MEDIUM
Splunk Enterprise 6.3.x-6.5.x and Splunk Light < 6.5.2 - Authenticated Persistent Cross-Site Scripting
Aug 05, 2017
CVSS 4.8
EPSS 0.01
CVE-2017-5607
LOW
Splunk Enterprise <6.5.1 & Splunk Light <6.5.2 - Sensitive Info Exposure via Global Window Namespace
Apr 10, 2017
CVSS 3.5
EPSS 0.06
CVE-2017-7565
HIGH
Splunk Hadoop Connect App - Path Traversal
Apr 06, 2017
CVSS 8.8
EPSS 0.02
CVE-2017-5880
MEDIUM
Splunk Enterprise 5.0.x-6.5.x and Splunk Light < 6.5.2 - Authenticated Denial of Service via Crafted GET Request
Feb 04, 2017
CVSS 6.5
EPSS 0.01
CVE-2016-4859
MEDIUM
Splunk < 6.4.2 - Open Redirect
May 12, 2017
CVSS 6.1
EPSS 0.01
CVE-2016-4858
MEDIUM
Splunk Enterprise < 6.4.2 - Cross-Site Scripting
May 12, 2017
CVSS 4.8
EPSS 0.01
Products
splunk 201
splunk_cloud_platform 106
universal_forwarder 61
Splunk Enterprise 16
Splunk Cloud Platform 14
cloud 9
splunk_secure_gateway 5
Splunk AI Toolkit 3
Splunk Secure Gateway 3
add-on_builder 3
ai_toolkit 3
splunk_app_for_lookup_file_editing 3
Splunk MCP Server 2
enterprise_security 2
Splunk Add-on for Palo Alto Networks 1
Splunk App for SOAR 1
Splunk SOAR 1
Splunk Supporting Add-on for Active Directory 1
cloudconnect_software_development_kit 1
hadoop_connect 1
it_service_intelligence 1
nozzle 1
soar 1
software_development_kit 1
splunk_app_for_stream 1
Quick Filters