CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2025/03/26 12:0 a.m.•2 views

PT-2025-13011 · Splunk · Splunk Cloud Platform +1

Name of the Vulnerable Software and Affected Versions: Splunk Enterprise versions prior to 9.4.1 Splunk Enterprise versions prior to 9.3.3 Splunk Enterprise versions prior to 9.2.5 Splunk Enterprise versions prior to 9.1.8 Splunk Cloud Platform versions prior to 9.3.2408.107 Splunk Cloud Platform...

6.8CVSS6.3AI score0.00064EPSS

Exploits0References13

Tenable Nessus•added 2025/03/26 12:0 a.m.•10 views

Splunk Enterprise 9.1.0 < 9.1.8, 9.2.0 < 9.2.5, 9.3.0 < 9.3.3 (SVD-2025-0303)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-0303 advisory. - In Splunk Enterprise versions below 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.2.2403.108, and...

6.5CVSS5.6AI score0.00299EPSS

Tenable Nessus•added 2025/03/26 12:0 a.m.•4 views

Splunk Enterprise 9.1.0 < 9.1.8, 9.2.0 < 9.2.5, 9.3.0 < 9.3.3, 9.4.0 < 9.4.1 (SVD-2025-0305)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-0305 advisory. - In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.107,...

5.7CVSS5.8AI score0.00064EPSS

Tenable Nessus•added 2025/03/26 12:0 a.m.•10 views

Splunk Enterprise 9.1.0 < 9.1.8, 9.2.0 < 9.2.5, 9.3.0 < 9.3.3, 9.4.0 < 9.4.1 (SVD-2025-0302)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-0302 advisory. - In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8, and versions below 3.8.38 and 3.7.23 of the Splunk Secure...

7.1CVSS5.6AI score0.00137EPSS

Wolfi•added 2025/03/21 4:43 p.m.•18 views

CVE-2025-29923 vulnerabilities

Vulnerabilities for packages: atlantis, fluent-bit-plugin-loki, kots, falcosidekick, authservice, gitea, argo-cd, mattermost, oauth2-proxy, telegraf, loki, splunk-otel-collector...

3.7CVSS5.1AI score0.00163EPSS

Wolfi•added 2025/03/21 4:43 p.m.•11 views

GHSA-92CP-5422-2MW7 vulnerabilities

Vulnerabilities for packages: atlantis, fluent-bit-plugin-loki, kots, falcosidekick, authservice, gitea, argo-cd, mattermost, oauth2-proxy, telegraf, loki, splunk-otel-collector...

Chainguard•added 2025/03/21 4:12 p.m.•13 views

GHSA-92CP-5422-2MW7 vulnerabilities

Vulnerabilities for packages: argo-cd, mattermost, traefik-fips, oauth2-proxy, falcosidekick-fips, atlantis, telegraf, mattermost-fips, loki-fips, authservice, gitlab-cng, splunk-otel-collector, argo-cd-fips, keda-fips, splunk-otel-collector-fips, fluent-bit-plugin-loki, gitlab-cng-fips,...

Chainguard•added 2025/03/21 4:12 p.m.•19 views

CVE-2025-29923 vulnerabilities

3.7CVSS5.1AI score0.00163EPSS

Chainguard•added 2025/03/18 10:12 p.m.•16 views

GHSA-93MQ-9FFX-83M2 vulnerabilities

Vulnerabilities for packages: argo-cd, k8sgpt, eks-distro, grafana-alloy, opentelemetry-collector-fips, opentelemetry-collector-contrib, kargo, coredns-fips, coredns, elastic-agent-fips, amazon-cloudwatch-agent, grafana-alloy-fips, tempo, tempo-fips, eks-distro-fips, nats, splunk-otel-collector,...

BDU FSTEC•added 2025/03/13 12:0 a.m.•1 views

The vulnerability of the information extraction application for Active Directory in Splunk’s Supporting Add-on for Active Directory lies in the use of a regular expression with high computational complexity, which can lead to service interruptions.

The vulnerability of the Active Directory data extraction application “Splunk Supporting Add-on for Active Directory” is related to the use of a regular expression with high computational complexity. Exploiting this vulnerability could allow an attacker to cause a service failure...

6.8CVSS5.5AI score0.00195EPSS

Exploits0References2Affected Software1

BDU FSTEC•added 2025/03/13 12:0 a.m.•2 views

The vulnerability of the Splunk App for SOAR software lies in its insecure management of privileges, allowing attackers to elevate their privileges.

The vulnerability of the Splunk App for SOAR software relates to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to enhance their privileges remotely...

6.6CVSS5.4AI score0.00205EPSS

Exploits0References2Affected Software1

Citrix•added 2025/03/06 12:0 a.m.•9 views

uberAgent - Splunk dashboard does not display information about applications and desktops from DaaS

Splunk dashboard CVAD/DaaS Applications & Desktops does not display any information about published applications and desktops for DAAS. uberAgent.log file located in C:\Windows\Temp on the machine used for Citrix Cloud monitoring shows the errors: 2025-03-05 12:11:08.145...

6.7AI score

Citrix•added 2025/03/04 12:0 a.m.•18 views

uberAgent service stops after a few seconds

Windows' Services console shows that uberAgent service is not running. When manually started, the service starts and stops after a few seconds. uberAgent log file located in C:\Windows\Temp default location shows the issue with network driver startup. Example: 2025-03-01 17:28:33.013 +0200,INFO...

7AI score

Wolfi•added 2025/02/24 11:15 p.m.•14 views

CVE-2025-27144 vulnerabilities

Vulnerabilities for packages: nerdctl, kargo, kots, step-issuer, tflint, zot, neuvector-scanner, kubescape, harbor-registry, teleport, pulumi, vault-benchmark, opentofu, spire-controller-manager, melange, kyverno-policy-reporter, spiffe-helper, timestamp-authority, guac, bank-vaults, undock,...

8.7CVSS6.5AI score0.00152EPSS

Wolfi•added 2025/02/24 10:49 p.m.•18 views

GHSA-C6GW-W398-HV78 vulnerabilities