| SVD-2023-0811 | 2023-08-30 | Third Party Package Updates in IT Service Intelligence (ITSI) | High | - |
| SVD-2023-0810 | 2023-08-30 | Unauthenticated Log Injection in Splunk IT Service Intelligence (ITSI) | High | CVE-2023-4571 |
| SVD-2023-0809 | 2023-08-30 | August Third Party Package Updates in Splunk Universal Forwarder | High | - |
| SVD-2023-0808 | 2023-08-30 | August Third Party Package Updates in Splunk Enterprise | High | - |
| SVD-2023-0807 | 2023-08-30 | Command Injection in Splunk Enterprise Using External Lookups | High | CVE-2023-40598 |
| SVD-2023-0806 | 2023-08-30 | Absolute Path Traversal in Splunk Enterprise Using runshellscript.py | High | CVE-2023-40597 |
| SVD-2023-0805 | 2023-08-30 | Splunk Enterprise on Windows Privilege Escalation due to Insecure OPENSSLDIR Build Definition Reference in DLL | High | CVE-2023-40596 |
| SVD-2023-0804 | 2023-08-30 | Remote Code Execution via Serialized Session Payload | High | CVE-2023-40595 |
| SVD-2023-0803 | 2023-08-30 | Denial of Service (DoS) via the ‘printf’ Search Function | Medium | CVE-2023-40594 |
| SVD-2023-0802 | 2023-08-30 | Denial of Service (DoS) in Splunk Enterprise Using a Malformed SAML Request | Medium | CVE-2023-40593 |
| SVD-2023-0801 | 2023-08-30 | Reflected Cross-site Scripting (XSS) on "/app/search/table" web endpoint | High | CVE-2023-40592 |
| SVD-2023-0702 | 2023-07-31 | Unauthenticated Log Injection In Splunk SOAR | High | CVE-2023-3997 |
| SVD-2023-0701 | 2023-07-17 | Splunk SOAR Cryptography Python Package Upgrade Incompatibility | Informational | - |
| SVD-2023-0615 | 2023-06-01 | June Third Party Package Updates in Splunk Cloud | High | - |
| SVD-2023-0614 | 2023-06-01 | June Third Party Package Updates in Splunk Universal Forwarders | Critical | - |
| SVD-2023-0613 | 2023-06-01 | June Third Party Package Updates in Splunk Enterprise | High | - |
| SVD-2023-0612 | 2023-06-01 | Role-based Access Control (RBAC) Bypass on '/services/indexing/preview' REST Endpoint Can Overwrite Search Results | Medium | CVE-2023-32717 |
| SVD-2023-0611 | 2023-06-01 | Denial of Service via the 'dump' SPL command | Medium | CVE-2023-32716 |
| SVD-2023-0610 | 2023-06-01 | Self Cross-Site Scripting (XSS) on Splunk App for Lookup File Editing | Medium | CVE-2023-32715 |
| SVD-2023-0609 | 2023-06-01 | Information Disclosure via the ‘copyresults’ SPL Command | Medium | CVE-2023-32710 |
| SVD-2023-0608 | 2023-06-01 | Path Traversal in Splunk App for Lookup File Editing | High | CVE-2023-32714 |
| SVD-2023-0607 | 2023-06-01 | Local Privilege Escalation via the ‘streamfwd’ program in Splunk App for Stream | High | CVE-2023-32713 |
| SVD-2023-0606 | 2023-06-01 | Unauthenticated Log Injection in Splunk Enterprise | High | CVE-2023-32712 |
| SVD-2023-0605 | 2023-06-01 | Persistent Cross-Site Scripting (XSS) through a URL Validation Bypass within a Dashboard View | Medium | CVE-2023-32711 |
| SVD-2023-0604 | 2023-06-01 | Low-privileged User can View Hashed Default Splunk Password | Medium | CVE-2023-32709 |
| SVD-2023-0603 | 2023-06-01 | HTTP Response Splitting via the ‘rest’ SPL Command | High | CVE-2023-32708 |
| SVD-2023-0602 | 2023-06-01 | ‘edit_user’ Capability Privilege Escalation | High | CVE-2023-32707 |
| SVD-2023-0601 | 2023-06-01 | Denial Of Service due to Untrusted XML Tag in XML Parser within SAML Authentication | High | CVE-2023-32706 |
| SVD-2023-0215 | 2023-02-14 | February Third Party Package Updates in Splunk Enterprise | High | - |
| SVD-2023-0214 | 2023-02-14 | Splunk Response to the Apache Software Foundation Publishing a Vulnerability on Apache Commons Text (CVE-2022-42889) (Text4Shell) | Informational | - |
| SVD-2023-0213 | 2023-02-14 | Modular Input REST API Requests Connect via HTTP after Certificate Validation Failure in Splunk Add-on Builder and Splunk CloudConnect SDK | Medium | CVE-2023-22943 |
| SVD-2023-0212 | 2023-02-14 | Cross-Site Request Forgery in the ‘ssg/kvstore_client’ REST Endpoint in Splunk Enterprise | Medium | CVE-2023-22942 |
| SVD-2023-0211 | 2023-02-14 | Improperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon | Medium | CVE-2023-22941 |
| SVD-2023-0210 | 2023-02-14 | SPL Command Safeguards Bypass via the ‘collect’ SPL Command Aliases in Splunk Enterprise | Medium | CVE-2023-22940 |
| SVD-2023-0209 | 2023-02-14 | SPL Command Safeguards Bypass via the ‘map’ SPL Command in Splunk Enterprise | High | CVE-2023-22939 |
| SVD-2023-0208 | 2023-02-14 | Permissions Validation Failure in the ‘sendemail’ REST API Endpoint in Splunk Enterprise | Medium | CVE-2023-22938 |
| SVD-2023-0207 | 2023-02-14 | Unnecessary File Extensions Allowed by Lookup Table Uploads in Splunk Enterprise | Medium | CVE-2023-22937 |
| SVD-2023-0206 | 2023-02-14 | Authenticated Blind Server Side Request Forgery via the ‘search_listener’ Search Parameter in Splunk Enterprise | Medium | CVE-2023-22936 |
| SVD-2023-0205 | 2023-02-14 | SPL Command Safeguards Bypass via the ‘display.page.search.patterns.sensitivity’ Search Parameter in Splunk Enterprise | High | CVE-2023-22935 |
| SVD-2023-0204 | 2023-02-14 | SPL Command Safeguards Bypass via the ‘pivot’ SPL Command in Splunk Enterprise | High | CVE-2023-22934 |
| SVD-2023-0203 | 2023-02-14 | Persistent Cross-Site Scripting through the ‘module’ Tag in a View in Splunk Enterprise | High | CVE-2023-22933 |
| SVD-2023-0202 | 2023-02-14 | Persistent Cross-Site Scripting through a Base64-encoded Image in a View in Splunk Enterprise | High | CVE-2023-22932 |
| SVD-2023-0201 | 2023-02-14 | ‘createrss’ External Search Command Overwrites Existing RSS Feeds in Splunk Enterprise | Medium | CVE-2023-22931 |
| SVD-2022-1113 | 2022-11-02 | November Third Party Package updates in Splunk Enterprise | High | - |
| SVD-2022-1112 | 2022-11-02 | Indexing blockage via malformed data sent through S2S or HEC protocols in Splunk Enterprise | High | CVE-2022-43572 |
| SVD-2022-1111 | 2022-11-02 | Remote Code Execution through dashboard PDF generation component in Splunk Enterprise | High | CVE-2022-43571 |
| SVD-2022-1110 | 2022-11-02 | XML External Entity Injection through a custom View in Splunk Enterprise | High | CVE-2022-43570 |
| SVD-2022-1109 | 2022-11-02 | Persistent Cross-Site Scripting via a Data Model object name in Splunk Enterprise | High | CVE-2022-43569 |
| SVD-2022-1108 | 2022-11-02 | Reflected Cross-Site Scripting via the radio template in Splunk Enterprise | High | CVE-2022-43568 |
| SVD-2022-1107 | 2022-11-02 | Remote Code Execution via the Splunk Secure Gateway application Mobile Alerts feature | High | CVE-2022-43567 |
| SVD-2022-1106 | 2022-11-02 | Risky command safeguards bypass via Search ID query in Analytics Workspace in Splunk Enterprise | High | CVE-2022-43566 |
| SVD-2022-1105 | 2022-11-02 | Risky command safeguards bypass via ‘tstats’ command JSON in Splunk Enterprise | High | CVE-2022-43565 |
| SVD-2022-1104 | 2022-11-02 | Denial of Service in Splunk Enterprise through search macros | Medium | CVE-2022-43564 |
| SVD-2022-1103 | 2022-11-02 | Risky command safeguards bypass via 'rex' search command field names in Splunk Enterprise | High | CVE-2022-43563 |
| SVD-2022-1102 | 2022-11-02 | Host Header Injection in Splunk Enterprise | Low | CVE-2022-43562 |
| SVD-2022-1101 | 2022-11-02 | Persistent Cross-Site Scripting in “Save Table” Dialog in Splunk Enterprise | Medium | CVE-2022-43561 |
| SVD-2022-1114 | 2022-11-01 | Splunk’s response to OpenSSL’s CVE-2022-3602 and CVE-2022-3786 | High | - |
| SVD-2022-0804 | 2022-08-16 | August Third Party Package updates in Splunk Enterprise and Universal Forwarders | Medium | - |
| SVD-2022-0803 | 2022-08-16 | Malformed ZIP file crashes Universal Forwarders and Splunk Enterprise through file monitoring input | Medium | CVE-2022-37439 |
| SVD-2022-0802 | 2022-08-16 | Information disclosure via the dashboard drilldown in Splunk Enterprise | Low | CVE-2022-37438 |
| SVD-2022-0801 | 2022-08-16 | Ingest Actions UI in Splunk Enterprise 9.0.0 disabled TLS certificate validation | High | CVE-2022-37437 |
| SVD-2022-0608 | 2022-08-16 | Splunk Enterprise deployment servers allow client publishing of forwarder bundles | Critical | CVE-2022-32158 |
| SVD-2022-0607 | 2022-08-16 | Splunk Enterprise deployment servers allow unauthenticated forwarder bundle downloads | High | CVE-2022-32157 |
| SVD-2022-0606 | 2022-06-14 | Splunk Enterprise and Universal Forwarder CLI connections lacked TLS certificate validation | High | CVE-2022-32156 |
| SVD-2022-0605 | 2022-06-14 | Universal Forwarder management services allow remote login by default | Info | CVE-2022-32155 |
| SVD-2022-0604 | 2022-06-14 | Risky commands warnings in Splunk Enterprise dashboards | Medium | CVE-2022-32154 |
| SVD-2022-0603 | 2022-06-14 | Splunk Enterprise lacked TLS host name certificate validation | High | CVE-2022-32153 |
| SVD-2022-0602 | 2022-06-14 | Splunk Enterprise lacked TLS certificate validation for Splunk-to-Splunk communication by default | High | CVE-2022-32152 |
| SVD-2022-0601 | 2022-06-14 | Splunk Enterprise disabled TLS validation using the CA certificate stores in Python 3 libraries by default | High | CVE-2022-32151 |
| SVD-2022-0507 | 2022-05-03 | Error message discloses internal path | Medium | CVE-2022-26070 |
| SVD-2022-0506 | 2022-05-03 | Path Traversal in search parameter results in external content injection | High | CVE-2022-26889 |
| SVD-2022-0505 | 2022-05-03 | Reflected XSS in a query parameter of the Monitoring Console | High | CVE-2022-27183 |
| SVD-2022-0504 | 2022-05-03 | Bypass of Splunk Enterprise's implementation of DUO MFA | High | CVE-2021-26253 |
| SVD-2022-0503 | 2022-05-03 | S2S TcpToken authentication bypass | High | CVE-2021-31559 |
| SVD-2022-0502 | 2022-05-03 | Username enumeration through lockout message in REST API | Medium | CVE-2021-33845 |
| SVD-2022-0501 | 2022-05-03 | Local privilege escalation via a default path in Splunk Enterprise Windows | High | CVE-2021-42743 |
| SVD-2022-0301 | 2022-03-24 | Indexer denial-of-service via malformed S2S request | High | CVE-2021-3422 |
| SVD-2021-1201 | 2021-12-10 | Splunk Security Advisory for Apache Log4j (CVE-2021-44228, CVE-2021-45046 and others) | Critical | - |
| SP-CAAAQAF | 2019-02-19 | Persistent Cross Site Scripting in Splunk Web (SPL-138827, CVE-2019-5727) | High | - |
| SP-CAAAQAD | 2019-01-14 | Untrusted TLS server certs verification is not present (CVE-2019-5729) | High | - |
| SP-CAAAP5T | 2018-09-28 | Splunk Enterprise and Splunk Light address multiple vulnerabilities | High | - |
| SP-CAAAP5E | 2018-06-18 | Splunk response to CVE-2018-11409: Information Exposure | Low | - |
| SP-CAAAPUE | 2017-12-15 | Splunk Enterprise 6.4.5 addresses multiple vulnerabilities | - | - |
| SP-CAAAP3M | 2017-11-27 | Splunk response to Potential Local Privilege Escalation through instructions to run Splunk as non-root user | High | - |
| SP-CAAAP3K | 2017-11-14 | Splunk Enterprise 7.0.0.1/7.0.1, 6.6.3.2/6.6.4, 6.5.6, 6.4.9 and 6.3.12 address multiple SAML vulnerabilitiesSplunk Enterprise and Splunk Light address multiple vulnerabilities | Critical | - |
| SP-CAAAP3H | 2017-08-21 | Splunk Enterprise 6.6.3 and Splunk Light 6.6.3 address multiple vulnerabilities | High | - |
| SP-CAAAP2U | 2017-06-06 | Splunk Enterprise 6.3.11 and Splunk Light 6.5.3 address one vulnerability | Low | - |
| SP-CAAAPZ3 | 2017-05-05 | Splunk Enterprise 6.5.3, 6.2.13.1 and Splunk Light 6.5.2 address multiple vulnerabilities | Medium | - |
| ERP-2041 | 2017-05-05 | Splunk response to Path Traversal vulnerability in Splunk Hadoop Connect App | High | - |
| SP-CAAAP2K | 2017-03-24 | Splunk Enterprise 6.4.7 and Splunk Light 6.5.3 address multiple vulnerabilities | Medium | - |
| SP-CAAAPYC | 2017-02-23 | Splunk Enterprise 6.4.6 and Splunk Light 6.5.2 address one vulnerability | Medium | - |
| SP-CAAAPW8 | 2017-01-25 | Splunk Enterprise 6.2.13 addresses multiple vulnerabilities | Medium | - |
| SP-CAAAPSV | 2016-11-12 | Splunk Enterprise 6.5.1 addresses multiple OpenSSL vulnerabilities | - | - |
| SP-CAAAPSR | 2016-11-10 | Splunk Enterprise 6.5.0, 6.4.4, 6.3.8, 6.2.12, 6.1.12, 6.0.13, and 5.0.17 address multiple vulnerabilitiess | - | - |
| SP-CAAAPQ6 | 2016-08-22 | Splunk Enterprise 6.4.3 and Splunk Light 6.4.3 address one vulnerability | Medium | - |
| SP-CAAAPQM | 2016-07-28 | Splunk Enterprise 6.4.2, 6.3.6, 6.2.11, 6.1.11, 6.0.12, 5.0.16 and Splunk Light 6.4.2 address multiple security vulnerabilities | Medium | - |
| SP-CAAAPN9 | 2016-06-06 | Splunk Enterprise 6.3.5 and Splunk Light 6.3.5 address two vulnerabilities | Medium | - |
| SP-CAAAPKV | 2016-04-06 | Splunk Enterprise 6.3.3.4, 6.2.9. 6.1.10, 6.0.11, and 5.0.15 and Splunk Light 6.3.3.4 and 6.2.9 address multiple vulnerabilities | Medium | - |
| SP-CAAAPC3 | 2015-11-19 | Splunk response to Path Traversal vulnerability in Splunk Hadoop Connect App | Medium | - |
| SP-CAAAPAM | 2015-09-14 | Splunk 4.2.3 addresses two vulnerabilities | High | - |
| SP-CAAAN7C | 2015-07-07 | Splunk Enterprise 6.2.4 and Splunk Light 6.2.4 address two vulnerabilities | Medium | - |
| SP-CAAAN4P | 2015-05-27 | Splunk Enterprise 6.1.8, 6.0.9, and 5.0.13 address multiple vulnerabilities | Low | - |
| SP-CAAAN84 | 2015-05-11 | Splunk Enterprise 6.2.5, 6.1.9, 6.0.10, 5.0.14 and Splunk Light 6.2.5 address multiple vulnerabilities | Medium | - |
| SP-CAAANZ7 | 2015-04-30 | Splunk Enterprise 6.2.3 and Splunk Light 6.2.3 address five vulnerabilities | High | - |
| SP-CAAANXD | 2015-03-24 | Splunk Enterprise 6.2.2 addresses two vulnerabilities | Medium | - |
| SP-CAAANV8 | 2015-02-23 | Splunk Enterprise 6.2.2 addresses two vulnerabilities | High | - |
| SP-CAAANVJ | 2015-01-28 | Splunk response to "GHOST" Vulnerability (CVE-2015-0235) | High | - |
| SP-CAAANU5 | 2015-01-28 | Splunk response to January 2015 OpenSSL vulnerabilities | High | - |
| SP-CAAANST | 2014-11-19 | Splunk Enterprise versions 6.0.7 and 5.0.11 address three vulnerabilities | | - |
| SP-CAAANR7 | 2014-11-11 | Splunk Enterprise 6.1.5 addresses two vulnerabilities | | - |
| SP-CAAANKE | 2014-10-14 | Splunk response to SSLv3 "POODLE" vulnerability (CVE-2014-3566) | | - |
| SP-CAAANHS | 2014-09-30 | Splunk Enterprise 6.1.4 and 5.0.10 address four vulnerabilities | | - |
| SP-CAAANJN | 2014-09-29 | Splunk response to "shellshock" vulnerabilities | | - |
| SP-CAAANE2 | 2014-09-03 | Splunk Enterprise 6.0.6 addresses two vulnerabilities | | - |
| SP-CAAAM9H | 2014-08-04 | Splunk Enterprise 6.1.3 addresses two vulnerabilities | | - |
| SP-CAAAM2D | 2014-07-01 | Splunk 6.0.3 addresses two vulnerabilities | | - |
| SP-CAAAMSH | 2014-05-09 | Splunk Enterprise 6.0.4 addresses one vulnerability | | - |
| SP-CAAAMB3 | 2014-04-10 | Splunk 6.0.3 addresses two vulnerabilities | | - |
| SP-CAAAKQX | 2014-03-28 | Splunk 5.0.8 addresses one vulnerability | | - |
| SP-CAAAJD5 | 2013-12-17 | Splunk 6.0.1 addresses one vulnerability | | - |
| SP-CAAAJCD | 2013-11-15 | Splunk 5.0.6 addresses one vulnerability | | - |
| SP-CAAAH76 | 2013-09-23 | Splunk 5.0.5 addresses one vulnerability | | - |
| SP-CAAAH32 | 2013-07-29 | Splunk 5.0.4 addresses one vulnerability | - | - |
| SP-CAAAHXG | 2013-05-28 | Splunk 5.0.3 addresses multiple vulnerabilities | | - |
| SP-CAAAHSQ | 2013-04-20 | Splunk 4.3.6 addresses one vulnerability | | - |
| SP-CAAAHB4 | 2012-11-16 | Splunk 4.3.5 and 5.0 address three vulnerabilities | | - |
| SP-CAAAHDG | 2012-11-01 | Splunk 5.0 updates to python 2.7.3, addressing two vulnerabilities | | - |
| SP-CAAAGTK | 2012-03-05 | Splunk 4.3.1 addresses one vulnerability | | - |
| SP-CAAAGMM | 2011-12-12 | Splunk 4.2.5 addresses three vulnerabilities | | - |
| SP-CAAAGGH | 2011-10-19 | Splunk 4.2.4 addresses two vulnerabilities | | - |
| SP-CAAAGD3 | 2011-08-09 | Splunk 4.2.3 addresses two vulnerabilities | | - |
| SP-CAAAF72 | 2011-06-15 | Open Redirect in Splunk Web | | - |
| SP-CAAAF5K | 2011-04-18 | Reflected XSS with Splunk Web | | - |
| SP-CAAAFW6 | 2011-02-10 | Splunk 4.1.7 addresses five security vulnerabilities | | - |
| SP-CAAAFVU | 2010-12-01 | Splunk 4.1.6 updates OpenSSL to 0.9.8p address CVE-2010-3864 | | - |
| SP-CAAAFQ6 | 2010-09-09 | Splunk 4.1.5 addresses two security vulnerabilities | | - |
| SP-CAAAFHY | 2010-06-07 | Cross-site Scripting in Splunk Web with 404 Responses in Internet Explorer | | - |
| SP-CAAAFGS | 2010-05-10 | Vulnerability in example PAM authentication script | | - |
| SP-CAAAFGD | 2010-05-03 | Splunk Critical Maintenance Release and Patch | | - |