splunk

284 tracked vulnerabilities.

CVE-2020-8286 HIGH
libcurl 7.41.0-7.73.0 - Improper Certificate Validation via OCSP Response
Dec 14, 2020
CVSS 7.5
EPSS 0.05
CVE-2020-8285 HIGH
libcurl 7.21.0-7.73.0 - Uncontrolled Recursion via FTP Wildcard Match Parsing
Dec 14, 2020
CVSS 7.5
EPSS 0.10
CVE-2020-8284 LOW
curl < 7.73.0 - Exposure of Sensitive Information via FTP PASV Response
Dec 14, 2020
CVSS 3.7
EPSS 0.04
CVE-2020-8231 HIGH
libcurl 7.29.0-7.71.1 - Use-After-Free via Dangling Pointer
Dec 14, 2020
CVSS 7.5
EPSS 0.04
CVE-2020-8177 HIGH
curl 7.20.0-7.70.0 - Arbitrary File Overwrite via -J Flag
Dec 14, 2020
CVSS 7.8
EPSS 0.01
CVE-2020-8169 HIGH
curl 7.62.0-7.70.0 - Information Disclosure via Password Leak
Dec 14, 2020
CVSS 7.5
EPSS 0.03
CVE-2020-14155 MEDIUM
PCRE < 8.44 - Integer Overflow via Large Number After (?C Substring
Jun 15, 2020
CVSS 5.3
EPSS 0.04
CVE-2019-20838 HIGH
PCRE < 8.43 - Out-of-bounds Read in JIT with UTF Disabled
Jun 15, 2020
CVSS 7.5
EPSS 0.03
CVE-2019-20454 HIGH
PCRE2 10.31-10.33 - Out-of-bounds Read via \X Pattern in Non-UTF Mode
Feb 14, 2020
CVSS 7.5
EPSS 0.02
CVE-2019-3800 MEDIUM
Cloud Foundry Command Line Interface < 6.45.0 - Insufficiently Protected Credentials in Config File
Aug 05, 2019
CVSS 6.3
EPSS 0.02
CVE-2019-5729 HIGH
Splunk-SDK-Python < 1.6.6 - Improper Certificate Validation
Mar 21, 2019
CVSS 8.1
EPSS 0.01
CVE-2019-5727 MEDIUM
Splunk Enterprise 6.0.0-6.5.4 & Splunk Light <6.6.0 - Stored XSS
Feb 21, 2019
CVSS 5.4
EPSS 0.01
CVE-2018-7432 HIGH
Splunk < 6.6.0 - Improper Input Validation
Oct 23, 2018
CVSS 7.5
EPSS 0.02
CVE-2018-7431 MEDIUM
Splunk Enterprise 6.0.0-6.5.2 & Light <6.6.0 Authenticated Path Traversal
Oct 23, 2018
CVSS 6.5
EPSS 0.02
CVE-2018-7429 HIGH
Splunk Enterprise 6.2.0-6.2.13, 6.3.0-6.3.10, 6.4.0-6.4.7 & Light <6.5.0 DoS via Malformed HTTP Request
Oct 23, 2018
CVSS 7.5
EPSS 0.02
CVE-2018-7427 MEDIUM
Splunk Enterprise 6.0.0-6.5.2 & Splunk Light <6.6.0 XSS
Oct 23, 2018
CVSS 6.1
EPSS 0.01
CVE-2018-11409 MEDIUM NUCLEI
Splunk < 7.0.1 - Unauthenticated Information Disclosure via Server Info Endpoint
Jun 08, 2018
CVSS 5.3
EPSS 0.98
CVE-2017-18348 HIGH
Splunk 6.6.0-6.6.10 - Privilege Escalation via splunk-launch.conf Modification
Oct 19, 2018
CVSS 7.0
EPSS 0.00
CVE-2017-17067 CRITICAL
Splunk 6.3.0-6.3.11 - Incorrect Authorization via SAML Authentication Bypass
Nov 30, 2017
CVSS 9.8
EPSS 0.03
CVE-2017-12572 MEDIUM
Splunk Enterprise 6.3.x-6.5.x and Splunk Light < 6.5.2 - Authenticated Persistent Cross-Site Scripting
Aug 05, 2017
CVSS 4.8
EPSS 0.01
CVE-2017-5607 LOW
Splunk Enterprise <6.5.1 & Splunk Light <6.5.2 - Sensitive Info Exposure via Global Window Namespace
Apr 10, 2017
CVSS 3.5
EPSS 0.06
CVE-2017-7565 HIGH
Splunk Hadoop Connect App - Path Traversal
Apr 06, 2017
CVSS 8.8
EPSS 0.02
CVE-2017-5880 MEDIUM
Splunk Enterprise 5.0.x-6.5.x and Splunk Light < 6.5.2 - Authenticated Denial of Service via Crafted GET Request
Feb 04, 2017
CVSS 6.5
EPSS 0.01
CVE-2016-4859 MEDIUM
Splunk < 6.4.2 - Open Redirect
May 12, 2017
CVSS 6.1
EPSS 0.01
CVE-2016-4858 MEDIUM
Splunk Enterprise < 6.4.2 - Cross-Site Scripting
May 12, 2017
CVSS 4.8
EPSS 0.01