threat
engine
.sh
Back
·
··:··
Home
/
Product
/
splunk cloud
Product
splunk cloud
29 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2026-20975
< 5.6.11
Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific fi
5.5
MEDIUM
CVE-2025-10492
<= 9.0.0
A Java deserialisation vulnerability has been discovered in Jaspersoft Library. Improper handling of externally supplied data may
9.8
CRITICAL
CVE-2024-3325
<= 8.0.4
Vulnerability in Jaspersoft JasperReport Servers.This issue affects JasperReport Servers: from 8.0.4 through 9.0.0.
7.2
HIGH
CVE-2024-36989
>= 9.1.2312 and < 9.1.2312.200
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, a low-privileg
7.1
HIGH
CVE-2024-36987
>= 9.1.2312 and < 9.1.2312.200
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200, an authenticat
4.3
MEDIUM
CVE-2024-36986
>= 9.1.2308 and < 9.1.2308.207
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.200 and 9.1.2308.20
6.3
MEDIUM
CVE-2024-36982
>= 9.1.2308 and < 9.1.2308.207
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions below 9.1.2312.109 and 9.1.2308.20
7.5
HIGH
CVE-2024-20851
< 5.3.00.4
Improper access control vulnerability in Samsung Data Store prior to version 5.3.00.4 allows local attackers to launch arbitrary a
4.4
MEDIUM
CVE-2024-23677
< 9.0.2208
In Splunk Enterprise versions below 9.0.8, the Splunk RapidDiag utility discloses server responses from external applications in a
4.3
MEDIUM
CVE-2024-23676
< 9.1.2308.200
In Splunk versions below 9.0.8 and 9.1.3, the “mrollup” SPL command lets a low-privileged user view metrics on an index that t
4.6
MEDIUM
CVE-2024-23675
< 9.1.2312.100
In Splunk Enterprise versions below 9.0.8 and 9.1.3, Splunk app key value store (KV Store) improperly handles permissions for user
6.5
MEDIUM
CVE-2023-42578
<= 5.2.00.7
Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prior to version 5.2.00.7 allows r
6.5
MEDIUM
CVE-2023-46214
< 9.1.2308
In Splunk Enterprise versions below 9.0.7 and 9.1.2, Splunk Enterprise does not safely sanitize extensible stylesheet language tra
8.0
HIGH
CVE-2023-46213
< 9.1.2308
In Splunk Enterprise versions below 9.0.7 and 9.1.2, ineffective escaping in the “Show syntax Highlighted” feature can result
4.8
MEDIUM
CVE-2022-47875
all versions
A Directory Traversal vulnerability in /be/erpc.php in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to execute arbi
8.8
HIGH
CVE-2022-47874
all versions
Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database conn
6.5
MEDIUM
CVE-2023-22949
all versions
An issue was discovered in TigerGraph Enterprise Free Edition 3.x. There is logging of user credentials. All authenticated GSQL ac
4.9
MEDIUM
CVE-2023-22951
all versions
An issue was discovered in TigerGraph Enterprise Free Edition 3.x. It creates an authentication token for internal systems use. Th
8.8
HIGH
CVE-2023-21448
< 5.3.0.32
Path traversal vulnerability in Samsung Cloud prior to version 5.3.0.32 allows attacker to access specific png file.
5.7
MEDIUM
CVE-2023-21447
< 5.3.0.32
Improper access control vulnerabilities in Samsung Cloud prior to version 5.3.0.32 allows local attackers to access information wi
4.0
MEDIUM
CVE-2022-33713
< 5.2.0
Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information.
7.5
HIGH
CVE-2022-24932
< 5.1.0.8
Improper Protection of Alternate Path vulnerability in Setup wizard process prior to SMR Mar-2022 Release 1 allows physical attack
4.2
MEDIUM
CVE-2021-25368
< 4.7.0.3
Hijacking vulnerability in Samsung Cloud prior to version 4.7.0.3 allows attackers to intercept when the provider is executed.
3.3
LOW
CVE-2020-15507
<= 10.6
An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3,
7.5
HIGH
CVE-2020-15506
<= 10.6
An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2,
9.8
CRITICAL
CVE-2019-9945
all versions
SoftNAS Cloud 4.2.0 and 4.2.1 allows remote command execution. The NGINX default configuration file has a check to verify the stat
9.8
CRITICAL
CVE-2018-14417
< 4.0.3
A command injection vulnerability was found in the web administration console in SoftNAS Cloud before 4.0.3. In particular, the sn
9.8
CRITICAL
CVE-2014-3476
all versions
OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained del
CVE-2013-4365
all versions
Heap-based buffer overflow in the fcgid_header_bucket_read function in fcgid_bucket.c in the mod_fcgid module before 2.3.9 for the
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin