6 matches found
EUVD-2025-20300
Malicious code in bioql PyPI...
Splunk Enterprise 9.1.0 < 9.1.10, 9.2.0 < 9.2.7, 9.3.0 < 9.3.5, 9.4.0 < 9.4.3 (SVD-2025-0709)
The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-0709 advisory. - In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.103,...
CVE-2010-2502
Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allow (1) remote attackers to read arbitrary files, aka SPL-31194; (2) remote authenticated users to modify arbitrary files, aka SPL-31063; or (3) have an unknown impact via redirects, aka SPL-31067...
CVE-2010-3322
The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors...
Splunk XSLT Upload Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Splunk Authenticated XSLT Upload RCE', 'Description' = %q This Metasploit module exploits a Remote Code Execution (RCE) vulnerability in Splunk...
VulnCheck KEV: CVE-2018-11409
Splunk through 7.0.1 allows information disclosure by appending `__raw/services/server/info/server-info?output_mode=json` to a query, as demonstrated by discovering a license key...