Vulnerabilidades em Splunk
170 resultadosCVE-2025-20385LOWStored Cross-Site scripting (XSS) through Anchor Tag "href" in Navigation Bar Collections in Splunk EnterpriseEPSS 0.2%CVE-2026-20164MEDIUMSensitive Information Disclosure through Improper Access Control in Splunk EnterpriseEPSS 0.2%CVE-2026-20137LOWRisky Commands Safeguards Bypass through preloaded Data Models due to Path Traversal vulnerability in Splunk EnterpriseEPSS 0.2%CVE-2025-20324MEDIUMImproper Access Control in System Source Types Configuration in Splunk EnterpriseEPSS 0.2%CVE-2024-23678HIGHDeserialization of Untrusted Data on Splunk Enterprise for Windows through Path Traversal from Separate Disk PartitionEPSS 0.2%CVE-2021-42743HIGHLocal privilege escalation via a default path in Splunk Enterprise WindowsEPSS 0.2%CVE-2026-20265MEDIUMInsecure Default Domain Allowlist in Splunk AI ToolkitEPSS 0.2%CVE-2023-40597HIGHAbsolute Path Traversal in Splunk Enterprise Using runshellscript.pyEPSS 0.2%CVE-2024-36995MEDIUMLow-privileged user could create experimental itemsEPSS 0.2%CVE-2024-45737MEDIUMMaintenance mode state change of App Key Value Store (KVStore) through Cross-Site Request Forgery (CSRF)EPSS 0.2%CVE-2025-20228MEDIUMMaintenance mode state change of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF) in Splunk EnterpriseEPSS 0.2%CVE-2025-20378LOWOpen Redirect on Web Login endpoint in Splunk EnterpriseEPSS 0.2%CVE-2023-22942MEDIUMCross-Site Request Forgery in the ‘ssg/kvstore_client’ REST Endpoint in Splunk EnterpriseEPSS 0.2%CVE-2026-20162MEDIUMStored Cross-Site Scripting (XSS) through Path Traversal in Splunk EnterpriseEPSS 0.2%CVE-2026-20260MEDIUMLog Injection through HTTP Request Paths in Splunk SOAREPSS 0.2%CVE-2026-20257MEDIUMImproper Input Validation through Classic Dashboard CSS in Splunk EnterpriseEPSS 0.2%CVE-2025-20373LOWSensitive Information Disclosure in “_internal“ index through Splunk Add-On for Palo Alto NetworksEPSS 0.2%CVE-2022-37439MEDIUMMalformed ZIP file crashes Universal Forwarders and Splunk Enterprise through file monitoring inputEPSS 0.2%CVE-2025-20382LOWURL validation bypass through Views Dashboard in Splunk EnterpriseEPSS 0.2%CVE-2026-20259MEDIUMImproper Access Control in Splunk EnterpriseEPSS 0.2%