Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / splunk

splunk

272 tracked vulnerabilities.

CVE-2022-43568 HIGH

Splunk Enterprise <8.1.12-9.0.2 - XSS

CVE-2022-43567 HIGH

Splunk Enterprise <8.2.9-9.0.2 - Command Injection

CVE-2022-43566 HIGH

Splunk Enterprise <8.2.9, <8.1.12, <9.0.2 - Privilege Escalation

CVE-2022-43565 HIGH

Splunk Enterprise <8.2.9, 8.1.12 - CSRF

CVE-2022-43564 MEDIUM

Splunk Enterprise <8.1.12-9.0.2 - DoS

CVE-2022-43563 HIGH

Splunk Enterprise <8.2.9, 8.1.12 - Auth Bypass

CVE-2022-43562 LOW

Splunk Enterprise <8.1.12-9.0.2 - XSS

CVE-2022-43571 HIGH

Authenticated RCE in Splunk (SimpleXML dashboard PDF generation)

CVE-2022-43561 MEDIUM

Splunk Enterprise <8.1.12, 8.2.9, 9.0.2 - XSS

CVE-2022-42915 HIGH

curl 7.77.0-7.85.0 - Double Free via HTTP Proxy CONNECT Error Handling

CVE-2022-42916 HIGH

curl 7.77.0-7.85.0 - Cleartext Transmission of Sensitive Information via IDN Character Bypass

CVE-2022-35252 LOW

curl < 7.85.0 - Denial of Service via Cookie Control Code Injection

CVE-2022-37439 MEDIUM

Splunk Enterprise and Universal Forwarder 8.1.0-8.1.10 - Denial of Service via Malformed ZIP File

CVE-2022-37438 LOW

Splunk Enterprise 8.1.0-8.1.10 & Splunk Cloud <8.2.2203.4 Authenticated Info Exposure

CVE-2022-37437 HIGH

Splunk 9.0.0 - Improper Certificate Validation in Ingest Actions S3 Destination

CVE-2022-35737 HIGH

SQLite 1.0.12-3.39.x - Array Index Overflow via String Argument to C API

CVE-2022-32208 MEDIUM

curl 7.16.4-7.83.1 - Man-In-The-Middle Attack via FTP KRB5 Message Verification Failure

CVE-2022-32207 CRITICAL

curl 7.69.0-7.83.1 - Unauthenticated File Permission Overwrite via Atomic Rename

CVE-2022-32206 MEDIUM

curl < 7.84.0 - Denial of Service via Unbounded HTTP Compression Chain

CVE-2022-32205 MEDIUM

curl 7.71.0-7.84.0 - Denial of Service via Excessive Set-Cookie Headers

CVE-2022-32158 CRITICAL

Splunk < 9.0 - Unauthenticated Arbitrary Code Execution via Deployment Server

CVE-2022-32157 HIGH

Splunk < 9.0 - Unauthenticated Forwarder Bundle Download

CVE-2022-32156 HIGH

Splunk Enterprise and Universal Forwarder < 9.0 - Improper Certificate Validation in CLI

CVE-2022-32155 HIGH

Splunk < 9.0 - Unauthenticated Remote Management Services Exposure

CVE-2022-32154 MEDIUM

Splunk < 9.0 - SPL Safeguard Bypass via Form Token Injection

Previous Page 7 of 11 Next

Products

splunk 192 splunk_cloud_platform 98 universal_forwarder 61 cloud 9 Splunk Enterprise 7 Splunk Cloud Platform 5 splunk_secure_gateway 4 add-on_builder 3 splunk_app_for_lookup_file_editing 3 Splunk MCP Server 2 Splunk Secure Gateway 2 enterprise_security 2 Splunk AI Toolkit 1 Splunk Add-on for Palo Alto Networks 1 Splunk App for SOAR 1 Splunk Supporting Add-on for Active Directory 1 cloudconnect_software_development_kit 1 hadoop_connect 1 it_service_intelligence 1 nozzle 1 soar 1 software_development_kit 1 splunk_app_for_stream 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy