High

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-06	CVE-2017-7565	Path Traversal vulnerability in Splunk Hadoop Connect Splunk Hadoop Connect App has a path traversal vulnerability that allows remote authenticated users to execute arbitrary code, aka ERP-2041. network low complexity splunk CWE-22	8.8
2014-04-07	CVE-2014-0160	Out-of-bounds Read vulnerability in multiple products The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. network low complexity openssl filezilla-project siemens intellian mitel opensuse canonical fedoraproject redhat debian ricon broadcom splunk CWE-125	7.5
2010-09-14	CVE-2010-3322	XXE vulnerability in Splunk The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive information and gain privileges via an XML External Entity (XXE) attack to unknown vectors. network low complexity splunk CWE-611	8.8