|
Detect Large Outbound ICMP Packets
|
Palo Alto Network Traffic
|
Non-Application Layer Protocol
|
TTP
|
Backdoor Pingpong, China-Nexus Threat Activity, Command And Control
|
2025-03-27
|
|
Path traversal SPL injection
|
Splunk
|
File and Directory Discovery
|
TTP
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Persistent XSS in RapidDiag through User Interface Views
|
Splunk
|
Drive-by Compromise
|
TTP
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Absolute Path Traversal Using runshellscript
|
Splunk
|
File and Directory Discovery
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Account Discovery Drilldown Dashboard Disclosure
|
|
Account Discovery
|
TTP
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk CSRF in the SSG kvstore Client Endpoint
|
Splunk
|
Drive-by Compromise
|
TTP
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Data exfiltration from Analytics Workspace using sid query
|
Splunk
|
Exfiltration Over Web Service
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Digital Certificates Infrastructure Version
|
Splunk
|
Digital Certificates
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Digital Certificates Lack of Encryption
|
Splunk
|
Digital Certificates
|
Anomaly
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Disable KVStore via CSRF Enabling Maintenance Mode
|
Splunk
|
Service Stop
|
TTP
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk DoS Using Malformed SAML Request
|
Splunk
|
Network Denial of Service
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk DOS Via Dump SPL Command
|
Splunk
|
Application or System Exploitation
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk DoS via Malformed S2S Request
|
Splunk
|
Network Denial of Service
|
TTP
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk DoS via POST Request Datamodel Endpoint
|
|
Endpoint Denial of Service
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk DOS via printf search function
|
Splunk
|
Application or System Exploitation
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Edit User Privilege Escalation
|
Splunk
|
Abuse Elevation Control Mechanism
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Endpoint Denial of Service DoS Zip Bomb
|
Splunk
|
Endpoint Denial of Service
|
TTP
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Enterprise Windows Deserialization File Partition
|
Splunk
|
Exploit Public-Facing Application
|
TTP
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk ES DoS Investigations Manager via Investigation Creation
|
Splunk
|
Endpoint Denial of Service
|
TTP
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk ES DoS Through Investigation Attachments
|
Splunk
|
Endpoint Denial of Service
|
TTP
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk HTTP Response Splitting Via Rest SPL Command
|
Splunk
|
HTML Smuggling
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Identified SSL TLS Certificates
|
Splunk Stream TCP
|
Network Sniffing
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Image File Disclosure via PDF Export in Classic Dashboard
|
Splunk
|
Account Discovery
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Information Disclosure in Splunk Add-on Builder
|
Splunk
|
System Information Discovery
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk list all nonstandard admin accounts
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Low-Priv Search as nobody SplunkDeploymentServerConfig App
|
Splunk
|
Exploitation for Privilege Escalation
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Low Privilege User Can View Hashed Splunk Password
|
Splunk
|
Exploitation for Credential Access
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Persistent XSS via Props Conf
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Persistent XSS via Scheduled Views
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Persistent XSS Via URL Validation Bypass W Dashboard
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Process Injection Forwarder Bundle Downloads
|
Splunk
|
Process Injection
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Protocol Impersonation Weak Encryption Configuration
|
Splunk
|
Protocol or Service Impersonation
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk protocol impersonation weak encryption selfsigned
|
Splunk
|
Digital Certificates
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk protocol impersonation weak encryption simplerequest
|
Splunk
|
Digital Certificates
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk RBAC Bypass On Indexing Preview REST Endpoint
|
Splunk
|
Access Token Manipulation
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk RCE via External Lookup Copybuckets
|
Splunk
|
Exploitation of Remote Services
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk RCE via Serialized Session Payload
|
Splunk
|
Exploit Public-Facing Application
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk RCE via Splunk Secure Gateway Splunk Mobile alerts feature
|
Splunk
|
Exploitation of Remote Services
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Reflected XSS in the templates lists radio
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Reflected XSS on App Search Table Endpoint
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk risky Command Abuse disclosed february 2023
|
Splunk
|
Abuse Elevation Control Mechanism
Indirect Command Execution
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk SG Information Disclosure for Low Privs User
|
Splunk
|
Account Discovery
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Stored XSS conf-web Settings on Premises
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Stored XSS via Data Model objectName Field
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Stored XSS via Specially Crafted Bulletin Message
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Unauthenticated DoS via Null Pointer References
|
Splunk
|
Endpoint Denial of Service
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Unauthenticated Log Injection Web Service Log
|
Splunk
|
Exploit Public-Facing Application
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Unauthenticated Path Traversal Modules Messaging
|
Splunk
|
File and Directory Discovery
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Unauthorized Experimental Items Creation
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk Unauthorized Notification Input by User
|
Splunk
|
Abuse Elevation Control Mechanism
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk unnecessary file extensions allowed by lookup table uploads
|
Splunk
|
Drive-by Compromise
|
TTP
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk XSS in Highlighted JSON Events
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk XSS in Monitoring Console
|
|
Drive-by Compromise
|
TTP
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk XSS in Save table dialog header in search page
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk XSS Via External Urls in Dashboards SSRF
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Splunk XSS via View
|
Splunk
|
Drive-by Compromise
|
Hunting
|
Splunk Vulnerabilities
|
2025-04-16
|
|
Windows Service Created Within Public Path
|
Windows Event Log System 7045
|
Windows Service
|
TTP
|
Active Directory Lateral Movement, Snake Malware
|
2025-03-27
|