Vulnerabilities
Aggregated CVE / GHSA / KEV / OSV — filter by tag and category.
| ID | Title | |
|---|---|---|
| CVE-2026-20265 |
|
Vulnerability in splunk (CVE-2026-20265)
vulnerability in splunk (CVE-2026-20265). Risk of unauthorized operations or information disclosure.
|
| CVE-2026-20266 |
|
OS Command Injection in splunk (CVE-2026-20266)
OS command injection in splunk (CVE-2026-20266). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20254 |
|
Vulnerability in splunk (CVE-2026-20254)
vulnerability in splunk (CVE-2026-20254). Confidential information can be exposed externally.
|
| CVE-2026-20259 |
|
Vulnerability in splunk (CVE-2026-20259)
vulnerability in splunk (CVE-2026-20259). Confidential information can be exposed externally. Exploitable via ``edit_saved_search_owner``.
|
| CVE-2026-20253 KEV |
|
[KEV] Vulnerability in splunk (CVE-2026-20253)
vulnerability in splunk (CVE-2026-20253). Successful exploitation can lead to full system takeover. Listed in CISA KEV — actively exploited.
|
| CVE-2026-20251 |
|
Unsafe Deserialization in deserialization (CVE-2026-20251)
vulnerability in deserialization (CVE-2026-20251). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20257 |
|
Vulnerability in splunk (CVE-2026-20257)
vulnerability in splunk (CVE-2026-20257). Confidential information can be exposed externally.
|
| CVE-2026-20258 |
|
Cross-Site Scripting (XSS) in splunk (CVE-2026-20258)
cross-site scripting in splunk (CVE-2026-20258). Successful exploitation can lead to full system takeover.
|
| CVE-2026-20255 |
|
Vulnerability in splunk (CVE-2026-20255)
vulnerability in splunk (CVE-2026-20255). Confidential information can be exposed externally.
|
| CVE-2026-20256 |
|
Vulnerability in splunk (CVE-2026-20256)
vulnerability in splunk (CVE-2026-20256). Confidential information can be exposed externally.
|
| CVE-2026-20252 |
|
SSRF (Server-Side Request Forgery) in splunk (CVE-2026-20252)
SSRF in splunk (CVE-2026-20252). Confidential information can be exposed externally.
|
| CVE-2026-20238 |
|
Authorization Flaw in splunk (CVE-2026-20238)
vulnerability in splunk (CVE-2026-20238). Confidential information can be exposed externally. Exploitable via ``srchFilter``.
|
| CVE-2026-20239 |
|
Vulnerability in splunk (CVE-2026-20239)
vulnerability in splunk (CVE-2026-20239). Successful exploitation can lead to full system takeover. Exploitable via ``_internal``.
|
| CVE-2026-20240 |
|
Vulnerability in dos (CVE-2026-20240)
vulnerability in dos (CVE-2026-20240). Risk of unauthorized operations or information disclosure. Exploitable via ``coldToFrozen.sh``.
|
| CVE-2022-27781 |
|
Vulnerability in haxx (CVE-2022-27781)
vulnerability in haxx (CVE-2022-27781). Risk of unauthorized operations or information disclosure. Exploitable via ``CURLOPT_CERTINFO``.
|
| CVE-2022-27782 |
|
Vulnerability in haxx (CVE-2022-27782)
vulnerability in haxx (CVE-2022-27782). Data can be tampered with by attackers.
|
| CVE-2022-27775 |
|
Information Disclosure in haxx (CVE-2022-27775)
vulnerability in haxx (CVE-2022-27775). Confidential information can be exposed externally.
|
| CVE-2022-27774 |
|
Vulnerability in haxx (CVE-2022-27774)
vulnerability in haxx (CVE-2022-27774). Confidential information can be exposed externally.
|
| CVE-2022-22576 |
|
Authentication Bypass in haxx (CVE-2022-22576)
authentication bypass in haxx (CVE-2022-22576). Confidential information can be exposed externally.
|
| CVE-2021-22926 |
|
Vulnerability in haxx (CVE-2021-22926)
vulnerability in haxx (CVE-2021-22926). Risk of unauthorized operations or information disclosure. Exploitable via ``CURLOPT_SSLCERT``.
|
| CVE-2021-22897 |
|
Vulnerability in haxx (CVE-2021-22897)
vulnerability in haxx (CVE-2021-22897). Risk of unauthorized operations or information disclosure. Exploitable via ``CURLOPT_SSL_CIPHER_LIST``.
|
| CVE-2017-17067 |
|
Authorization Flaw in splunk (CVE-2017-17067)
vulnerability in splunk (CVE-2017-17067). Successful exploitation can lead to full system takeover.
|
| CVE-2017-12572 |
|
Cross-Site Scripting (XSS) in splunk (CVE-2017-12572)
cross-site scripting in splunk (CVE-2017-12572). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4859 |
|
Open Redirect in splunk (CVE-2016-4859)
vulnerability in splunk (CVE-2016-4859). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4858 |
|
Cross-Site Scripting (XSS) in splunk (CVE-2016-4858)
cross-site scripting in splunk (CVE-2016-4858). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4857 |
|
Open Redirect in splunk (CVE-2016-4857)
vulnerability in splunk (CVE-2016-4857). Risk of unauthorized operations or information disclosure.
|
| CVE-2016-4856 |
|
Cross-Site Scripting (XSS) in splunk (CVE-2016-4856)
cross-site scripting in splunk (CVE-2016-4856). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-5607 |
|
Information Disclosure in c (CVE-2017-5607)
vulnerability in c (CVE-2017-5607). Risk of unauthorized operations or information disclosure.
|
| CVE-2017-7565 |
|
Path Traversal in path-traversal (CVE-2017-7565)
path traversal in path-traversal (CVE-2017-7565). Successful exploitation can lead to full system takeover.
|
| CVE-2017-5880 |
|
Vulnerability in dos (CVE-2017-5880)
vulnerability in dos (CVE-2017-5880). Risk of unauthorized operations or information disclosure.
|