splunk

272 tracked vulnerabilities.

CVE-2023-27533 HIGH
curl < 8.0 - Remote Code Execution via TELNET Protocol Input Validation
Mar 30, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-23916 MEDIUM
curl 7.57.0-7.87.0 - Denial of Service via HTTP Compression Header Chain
Feb 23, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-23915 MEDIUM
curl 7.77.0-7.87.0 - Cleartext Transmission of Sensitive Information via HSTS Cache Overwrite
Feb 23, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-23914 CRITICAL
curl < 7.88.0 - Cleartext Transmission of Sensitive Information via HSTS State Mismanagement
Feb 23, 2023
CVSS 9.1
EPSS 0.00
CVE-2023-22943 MEDIUM
Splunk AoB <4.1.2 & Splunk CloudConnect SDK <3.1.3 - Info Disclosure
Feb 14, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-22942 MEDIUM
Splunk 8.1.0-8.1.12 - Cross-Site Request Forgery in Splunk Secure Gateway KV Store Endpoint
Feb 14, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-22941 MEDIUM
Splunk Enterprise <8.1.13, 8.2.10, 9.0.4 - DoS
Feb 14, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-22940 MEDIUM
Splunk Enterprise < 8.1.13, 8.2.10, 9.0.4 - Unauthorized Data Exposure via SPL Command Aliases
Feb 14, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-22939 HIGH
Splunk Enterprise < 8.1.13, 8.2.10, 9.0.4 - Authenticated SPL Safeguard Bypass via Map Command
Feb 14, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-22938 MEDIUM
Splunk Enterprise < 8.1.13, < 8.2.10, < 9.0.4 - Authenticated Email Spoofing via sendemail REST Endpoint
Feb 14, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-22937 MEDIUM
Splunk < 8.1.13 - Improper Input Validation
Feb 14, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-22936 MEDIUM
Splunk Enterprise < 8.1.13, 8.2.10, 9.0.4 & Splunk Cloud < 9.0.2209.3 - SSRF via search_listener
Feb 14, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-22935 HIGH
Splunk Enterprise < 8.1.13, 8.2.10, 9.0.4 - Authenticated SPL Safeguard Bypass via Search Parameter
Feb 14, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-22934 HIGH
Splunk Enterprise < 8.1.13, 8.2.10, 9.0.4 & Splunk Cloud < 9.0.2209.3 - Authenticated SPL Bypass via Pivot
Feb 14, 2023
CVSS 7.3
EPSS 0.00
CVE-2023-22933 HIGH
Splunk Enterprise < 8.1.13, < 8.2.10, < 9.0.4 - Cross-Site Scripting via XML View layoutPanel Attribute
Feb 14, 2023
CVSS 8.0
EPSS 0.01
CVE-2023-22932 HIGH
Splunk 9.0.0-9.0.3 - Cross-Site Scripting via Base64-Encoded Image Error Message
Feb 14, 2023
CVSS 8.7
EPSS 0.01
CVE-2023-22931 MEDIUM
Splunk Enterprise < 8.1.13 and 8.2.10 - Improper Authorization in RSS Feed Creation
Feb 14, 2023
CVSS 4.3
EPSS 0.00
CVE-2022-43552 MEDIUM
curl < 7.87.0 - Use-After-Free in HTTP Proxy Tunnel Shutdown
Feb 09, 2023
CVSS 5.9
EPSS 0.00
CVE-2022-43551 HIGH
curl < 7.87.0 - Cleartext Transmission of Sensitive Information via HSTS Bypass
Dec 23, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-35260 MEDIUM
curl 7.84.0-7.85.0 - Out-of-bounds Read in .netrc Parser
Dec 05, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-32221 CRITICAL
curl - Exposure of Sensitive Information via Reused Handle Logic
Dec 05, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-36227 CRITICAL
libarchive <3.6.2 - Memory Corruption
Nov 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-43572 HIGH
Splunk Enterprise <8.2.9-9.0.2 - DoS
Nov 04, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-43570 HIGH
Splunk Enterprise <8.1.12-9.0.2 - XML External Entity Injection
Nov 04, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-43569 HIGH
Splunk Enterprise <8.1.12-9.0.2 - XSS
Nov 04, 2022
CVSS 8.0
EPSS 0.01
Products
splunk 192 splunk_cloud_platform 98 universal_forwarder 61 cloud 9 Splunk Enterprise 7 Splunk Cloud Platform 5 splunk_secure_gateway 4 add-on_builder 3 splunk_app_for_lookup_file_editing 3 Splunk MCP Server 2 Splunk Secure Gateway 2 enterprise_security 2 Splunk AI Toolkit 1 Splunk Add-on for Palo Alto Networks 1 Splunk App for SOAR 1 Splunk Supporting Add-on for Active Directory 1 cloudconnect_software_development_kit 1 hadoop_connect 1 it_service_intelligence 1 nozzle 1 soar 1 software_development_kit 1 splunk_app_for_stream 1
Quick Filters
Critical CVEs With Exploits In CISA KEV