CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20785 matches found

Vulnrichment•added 2025/11/12 5:22 p.m.•4 views

CVE-2025-20378 Open Redirect on Web Login endpoint in Splunk Enterprise

In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, 9.2.9, and Splunk Cloud Platform versions below 10.0.2503.5, 9.3.2411.111, and 9.3.2408.121, an unauthenticated attacker could craft a malicious URL using the returnto parameter of the Splunk Web login endpoint. When an authenticated user...

3.1CVSS6.4AI score0.00205EPSS

Exploits0References1

CNNVD•added 2025/11/12 12:0 a.m.•4 views

Splunk Cloud Platform和Splunk Enterprise 信息泄露漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. An information disclosure vulnerability exists...

3.5CVSS6.4AI score0.00246EPSS

Exploits0References1

Positive Technologies•added 2025/11/12 12:0 a.m.•7 views

PT-2025-46680

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.0.1 Splunk Enterprise versions 9.2.9 through 9.4.5 Splunk Cloud Platform versions below 9.3.2411.116 Splunk Cloud Platform versions 9.3.2408.124 and below Splunk Cloud Platform versions below 10.0.2503.5...

3.5CVSS6.8AI score0.00246EPSS

Exploits0References6

Positive Technologies•added 2025/11/12 12:0 a.m.•10 views

PT-2025-46679

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.0.1, 9.4.5, 9.3.7, and 9.2.9 Splunk Cloud Platform versions prior to 10.0.2503.5, 9.3.2411.111, and 9.3.2408.121 Description An unauthenticated attacker could construct a malicious URL utilizing the retur...

6.1CVSS6.4AI score0.00205EPSS

Exploits0References6

CNNVD•added 2025/11/12 12:0 a.m.•2 views

Splunk Cloud Platform和Splunk Enterprise 输入验证错误漏洞

6.1CVSS6.3AI score0.00205EPSS

Exploits0References1

Tenable Nessus•added 2025/11/12 12:0 a.m.•3 views

Splunk Enterprise 9.2.0 < 9.2.9, 9.3.0 < 9.3.7, 9.4.0 < 9.4.5, 10.0.0 < 10.0.1 (SVD-2025-1101)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1101 advisory. - In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, 9.2.9, and Splunk Cloud Platform versions below 10.0.2503.5,...

6.1CVSS5.7AI score0.00205EPSS

Exploits0References2

Tenable Nessus•added 2025/11/12 12:0 a.m.•5 views

Splunk Enterprise 9.2.0 < 9.2.9, 9.3.0 < 9.3.7, 9.4.0 < 9.4.5, 10.0.0 < 10.0.1 (SVD-2025-1102)

The version of Splunk installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the SVD-2025-1102 advisory. - In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7, and 9.2.9 and Splunk Cloud Platform versions below 9.3.2411.116,...

3.5CVSS5.8AI score0.00246EPSS

Exploits0References2

Positive Technologies•added 2025/11/06 12:0 a.m.•2 views

PT-2025-45392

Name of the Vulnerable Software and Affected Versions Splunk Enterprise affected versions not specified Description A lack of proper input validation in the dashboard label or path can enable an attacker to cause a device error, potentially leading to information disclosure or data manipulation...

6.4CVSS6.2AI score0.00199EPSS

Exploits0References8