show 102550100Custom Search BuilderAdd Condition columns ▾▼ pdf csv SVDDateTitleSeverityCVESVD-2025-04022025-04-02 Third-Party Package Updates in Splunk/UniversalForwarder Docker - April 2025MediumSVD-2025-04012025-04-02 Third-Party Package Updates in Splunk/Splunk Docker - April 2025HighSVD-2025-03122025-03-26 Third-Party Package Updates in Splunk Infrastructure Monitoring Add-on - March 2025HighSVD-2025-03112025-03-26 Third-Party Package Updates in Splunk Add-on for Microsoft Cloud Services - March 2025MediumSVD-2025-03102025-03-26 Incorrect permissions set by the “chmod“ and “makedirs“ Python functions in Splunk App for Lookup File EditingLow CVE-2025-20233SVD-2025-03092025-03-26 Third-Party Package Updates in Splunk App for Data Science and Deep Learning - March 2025HighSVD-2025-03082025-03-26 Third-Party Package Updates in Splunk Enterprise - March 2025HighSVD-2025-03072025-03-26 Missing Access Control and Incorrect Ownership of Data in App Key Value Store (KVStore) collections in the Splunk Secure Gateway AppMedium CVE-2025-20230SVD-2025-03062025-03-26 Information Disclosure through external content warning modal dialog box bypass in Splunk Enterprise Dashboard StudioMedium CVE-2025-20227SVD-2025-03052025-03-26 Risky command safeguards bypass in “/services/streams/search“ endpoint through “q“ parameter in Splunk EnterpriseMedium CVE-2025-20226SVD-2025-03042025-03-26 Risky Command Safeguards Bypass in “/app/search/search“ endpoint through “s“ parameter in Splunk EnterpriseMedium CVE-2025-20232SVD-2025-03032025-03-26 Maintenance mode state change of App Key Value Store (KVStore) through a Cross-Site Request Forgery (CSRF) in Splunk EnterpriseMedium CVE-2025-20228SVD-2025-03022025-03-26 Sensitive Information Disclosure in Splunk Secure Gateway AppHigh CVE-2025-20231SVD-2025-03012025-03-26 Remote Code Execution through file upload to “$SPLUNK_HOME/var/run/splunk/apptemp“ directory in Splunk EnterpriseHigh CVE-2025-20229SVD-2025-01032025-01-15 Regular Expression Denial of Service (ReDoS) in Splunk Supporting Add-on for Active Directory (SA-ldapsearch)Medium CVE-2025-0367SVD-2025-01012025-01-15 Privilege escalation for users who hold the “splunk_app_soar“ role in the Splunk App for SOARMedium CVE-2025-22621SVD-2025-01022025-01-07 Third-Party Package Updates in Splunk Add-on for JBoss - January 2025HighSVD-2024-12072024-12-10 Third-Party Package Updates in Splunk Universal Forwarder - December 2024InformationalSVD-2024-12062024-12-10 Third-Party Package Updates in Splunk Enterprise - December 2024HighSVD-2024-12052024-12-10 Remote Code Execution through Deserialization of Untrusted Data in Splunk Secure Gateway appHigh CVE-2024-53247SVD-2024-12042024-12-10 Sensitive Information Disclosure through SPL commandsMedium CVE-2024-53246SVD-2024-12032024-12-10 Information Disclosure due to Username Collision with a Role that has the same Name as the UserLow CVE-2024-53245SVD-2024-12022024-12-10 Risky command safeguards bypass in “/en-US/app/search/report“ endpoint through “s“ parameterMedium CVE-2024-53244SVD-2024-12012024-12-10 Information Disclosure in Mobile Alert Responses in Splunk Secure GatewayMedium CVE-2024-53243SVD-2024-11022024-11-26 Third-Party Package Updates in Splunk Machine Learning Toolkit - November 2024HighSVD-2024-11012024-11-26 Third-Party Package Updates in Python for Scientific Computing - November 2024LowSVD-2024-10152024-10-30 Third-Party Package Updates in the Splunk Add-on for Cisco Meraki - October 2024HighSVD-2024-10142024-10-30 Third-Party Package Updates in the Splunk Add-on for Google Cloud Platform - October 2024HighSVD-2024-10132024-10-17 Third-Party Package Updates in Splunk Add-on for Office 365 - October 2024HighSVD-2024-10122024-10-14 Third-Party Package Updates in Splunk Enterprise - October 2024HighSVD-2024-10112024-10-14 Persistent Cross-Site Scripting (XSS) via props.conf on Splunk EnterpriseMedium CVE-2024-45741SVD-2024-10102024-10-14 Persistent Cross-Site Scripting (XSS) through Scheduled Views on Splunk EnterpriseMedium CVE-2024-45740SVD-2024-10092024-10-14 Sensitive information disclosure in AdminManager logging channelMedium CVE-2024-45739SVD-2024-10082024-10-14 Sensitive information disclosure in REST_Calls logging channelMedium CVE-2024-45738SVD-2024-10072024-10-14 Maintenance mode state change of App Key Value Store (KVStore) through Cross-Site Request Forgery (CSRF)Medium CVE-2024-45737SVD-2024-10062024-10-14 Improperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk DaemonMedium CVE-2024-45736SVD-2024-10052024-10-14 Improper Access Control for low-privileged user in Splunk Secure Gateway AppMedium CVE-2024-45735SVD-2024-10042024-10-14 Low Privilege User can View Images on the Host Machine by using the PDF Export feature in Splunk Classic DashboardMedium CVE-2024-45734SVD-2024-10032024-10-14 Remote Code Execution (RCE) due to insecure session storage configuration in Splunk Enterprise on WindowsHigh CVE-2024-45733SVD-2024-10022024-10-14 Low-privileged user could run search as nobody in SplunkDeploymentServerConfig appHigh CVE-2024-45732SVD-2024-10012024-10-14 Potential Remote Command Execution (RCE) through arbitrary file write to Windows system root directory when Splunk Enterprise for Windows is installed on a separate diskHigh CVE-2024-45731SVD-2024-09012024-09-30 Third-Party Package Updates in Splunk Add-on for Amazon Web Services - September 2024HighSVD-2024-08012024-08-12 Third-Party Package Updates in Python for Scientific Computing - August 2024CriticalSVD-2024-07182024-07-01 Third-Party Package Updates in Splunk Enterprise - July 2024HighSVD-2024-07172024-07-01 Persistent Cross-site Scripting (XSS) in conf-web/settings REST endpointMedium CVE-2024-36997SVD-2024-07162024-07-01 Information Disclosure of user namesMedium CVE-2024-36996SVD-2024-07152024-07-01 Low-privileged user could create experimental itemsMedium CVE-2024-36995SVD-2024-07142024-07-01 Persistent Cross-site Scripting (XSS) in Dashboard ElementsMedium CVE-2024-36994SVD-2024-07132024-07-01 Persistent Cross-site Scripting (XSS) in Web BulletinMedium CVE-2024-36993SVD-2024-07122024-07-01 Persistent Cross-site Scripting (XSS) in Dashboard ElementsMedium CVE-2024-36992Showing 1 to 50 of 224 entriesPrevious12345Next