CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1372 matches found

Tenable Nessus•added 2026/05/20 12:0 a.m.•3 views

Splunk Enterprise 9.3.0 < 9.3.12, 9.4.0 < 9.4.11, 10.0.0 < 10.0.6, 10.2 < 10.2.3 (SVD-2026-0505)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0505 advisory. - Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr,...

7.5CVSS7.1AI score0.0004EPSS

Exploits0References2

ATTACKERKB•added 2026/04/15 3:17 p.m.•0 views

CVE-2026-20202

In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.10, and 9.3.11, and Splunk Cloud Platform versions below 10.4.2603.0, 10.3.2512.6, 10.2.2510.10, 10.1.2507.20, 10.0.2503.13, and 9.3.2411.127, a user who holds a role that contains the high-privilege capability editusercould create a special...

6.6CVSS5.8AI score0.00059EPSS

Exploits0References2Affected Software2

RedhatCVE•added 2026/03/26 2:59 p.m.•0 views

CVE-2026-20163

In Splunk Enterprise versions below 10.2.0, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.0.2503.12, 10.1.2507.16, and 9.3.2411.124, a user who holds a role that contains the high-privilege capability editcmd could execute arbitrary shell commands using the...

7.2CVSS6.1AI score0.00075EPSS

Exploits0References1

EUVD•added 2026/03/11 6:30 p.m.•0 views

EUVD-2026-11232

In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.7, 10.1.2507.17, 10.0.2503.12, and 9.3.2411.124, a low-privileged user that does not hold the "admin" or "power" Splunk roles could retrieve sensitive information by inspectin...

6.3CVSS5.8AI score0.00046EPSS

Exploits0References2

EUVD•added 2026/03/11 6:30 p.m.•1 views

EUVD-2026-11230

In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.10, and Splunk Cloud Platform versions below 10.2.2510.5, 10.1.2507.16, 10.0.2503.11, and 9.3.2411.123, a low-privileged user that does not hold the "admin" or "power" Splunk roles could access the...

6.5CVSS5.8AI score0.00048EPSS

Exploits0References2

ATTACKERKB•added 2026/03/11 4:18 p.m.•1 views

CVE-2026-20163

7.2CVSS6AI score0.00075EPSS

Exploits0References2Affected Software2

OSV•added 2026/02/18 6:24 p.m.•0 views

CVE-2026-20139

In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.8, 9.3.9, and 9.2.12, and Splunk Cloud Platform versions below 10.2.2510.3, 10.1.2507.8, 10.0.2503.9, and 9.3.2411.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload into the...

4.3CVSS5.8AI score0.00087EPSS

Exploits0References1

Tenable Nessus•added 2026/02/18 12:0 a.m.•3 views

Splunk Enterprise 9.2.0 < 9.2.12, 9.3.0 < 9.3.9, 9.4.0 < 9.4.8, 10.0.0 < 10.0.2 (SVD-2026-0204)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0204 advisory. - In Splunk Enterprise versions below 10.2.0, 10.0.2, 9.4.8, 9.3.9, and 9.2.12, and Splunk Cloud Platform versions below...

4.3CVSS5.8AI score0.00087EPSS

Exploits0References2

Tenable Nessus•added 2026/01/29 12:0 a.m.•8 views

Splunk Enterprise 9.2.0 < 9.2.12, 9.3.0 < 9.3.9, 9.4.0 < 9.4.8, 10.0.0 < 10.0.3 (SVD-2026-0101)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2026-0101 advisory. - Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an...

8.7CVSS8.2AI score0.62808EPSS

Exploits38References2

Rapid7 Blog•added 2026/01/23 9:0 p.m.•5 views

Metasploit Wrap-Up 01/23/2026

Oracle E-Business Suite Unauth RCE This week, we are pleased to announce the addition of a module that exploits CVE-2025-61882, a pre-authentication remote code execution vulnerability in Oracle E-Business Suite versions 12.2.3 through 12.2.14. The exploit chains multiple flaws—including SSRF, pa...

9.8CVSS7.2AI score0.8949EPSS

Exploits24

RedhatCVE•added 2026/01/07 9:50 a.m.•4 views

CVE-2013-6772

Splunk before 5.0.4 lacks X-Frame-Options which can allow Clickjacking...

4.3CVSS7AI score0.00206EPSS

Exploits0References1

GithubExploit•added 2025/12/07 2:36 p.m.•133 views

Exploit for Improper Output Neutralization for Logs in Splunk

SPLUNK CVE-2025-20384 i dunno, i just read stuff my friendo s...

5.3CVSS7.2AI score0.00118EPSS

Exploits1

OSV•added 2025/12/03 5:15 p.m.•2 views

CVE-2025-20384

In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.6, and 9.3.2411.117.125, an unauthenticated attacker can inject American National Standards Institute ANSI escape codes into Splunk log files due to improper...

5.3CVSS5.8AI score0.00118EPSS

Exploits1References1

Tenable Nessus•added 2025/12/03 12:0 a.m.•2 views

Splunk Enterprise 9.2.0 < 9.2.10, 9.3.0 < 9.3.8, 9.4.0 < 9.4.6, 10.0 < 10.0.2 (SVD-2025-1204)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1204 advisory. - In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.6,...

4.8CVSS6.2AI score0.00028EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2014-8217

Malware in sbrugna...

4.3CVSS6.3AI score0.03324EPSS

Exploits3References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2010-3321

Malware in sbrugna...

4.6CVSS6.4AI score0.00391EPSS

Exploits0References2