Lucene search
K

27 matches found

Prion
Prion
added 2017/01/10 11:59 a.m.15 views

Server side request forgery (ssrf)

Splunk Web in Splunk Enterprise 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x before 6.1.12, 6.2.x before 6.2.12, 6.3.x before 6.3.8, and 6.4.x before 6.4.4 allows remote attackers to conduct HTTP request injection attacks and obtain sensitive REST API authentication-token information via...

10CVSS7.1AI score0.03989EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2017/01/10 11:0 a.m.51 views

CVE-2016-10126

CVE-2016-10126 affects Splunk Enterprise and Splunk Web: multiple 5.0.x/6.x releases are vulnerable to remote HTTP request injection that can leak REST API authentication tokens via unspecified vectors (aka SPL-128840). Affected versions include 5.0.x before 5.0.17, 6.0.x before 6.0.13, 6.1.x bef...

10CVSS9.3AI score0.03989EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/11/18 12:0 a.m.7 views

Atlassian Crucible Server 3.9.x < 3.9.2 Multiple Vulnerabilities

Binary data 9781.prm...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2016/11/18 12:0 a.m.136 views

Splunk Enterprise Multiple Vulnerabilities (Nov 2016)

Splunk Enterprise is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:splunk:splunk"; if...

10CVSS8.9AI score0.2548EPSS
Exploits7References1
Tenable Nessus
Tenable Nessus
added 2016/11/17 12:0 a.m.908 views

Splunk Enterprise < 5.0.17 / 6.0.13 / 6.1.12 / 6.2.12 / 6.3.8 / 6.4.4 or Splunk Light < 6.5.0 Multiple Vulnerabilities

According to its self-reported version number, the version of Splunk Enterprise hosted on the remote web server is 5.0.x prior to 5.0.17, 6.0.x prior to 6.0.13, 6.1.x prior to 6.1.12, 6.2.x prior to 6.2.12, 6.3.x prior to 6.3.8, or 6.4.x prior to 6.4.4; or else it is Splunk Light prior to 6.5.0. ...

10CVSS7.5AI score0.2548EPSS
Exploits7References4
FreeBSD
FreeBSD
added 2015/01/12 12:0 a.m.41 views

asterisk -- Mitigation for libcURL HTTP request injection vulnerability

The Asterisk project reports: CVE-2014-8150 reported an HTTP request injection vulnerability in libcURL. Asterisk uses libcURL in its funccurl.so module the CURL dialplan function, as well as its resconfigcurl.so cURL realtime backend modules. Since Asterisk may be configured to allow for...

4.3CVSS9.1AI score0.0681EPSS
Exploits0References1
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.24 views

CVE-2001-1089

libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request...

8AI score0.01571EPSS
Exploits0References3
Rows per page
Query Builder