2571 matches found
CVE-2025-20388
In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.7, and 9.3.2411.116, a user who holds a role that contains the high privilege capability changeauthentication could enumerate internal IP addresses and network por...
CVE-2025-20388
CVE-2025-20388 affects Splunk Enterprise and Splunk Cloud Platform. A user with a role that has the high-privilege capability change_authentication could enumerate internal IP addresses and network ports when adding new search peers to a Splunk search head in a distributed environment. Affected v...
CVE-2025-20388 Blind Server Side Request Forgery (SSRF) through Distributed Search Peers in Splunk Enterprise
In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.7, and 9.3.2411.116, a user who holds a role that contains the high privilege capability changeauthentication could enumerate internal IP addresses and network por...
CVE-2025-20388 Blind Server Side Request Forgery (SSRF) through Distributed Search Peers in Splunk Enterprise
In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.7, and 9.3.2411.116, a user who holds a role that contains the high privilege capability changeauthentication could enumerate internal IP addresses and network por...
USN-7907-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...
USN-7907-1 linux, linux-aws, linux-aws-hwe, linux-kvm, linux-oracle vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...
Huawei HarmonyOS Privilege Control Vulnerability (CNVD-2025-30299)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in Huawei HarmonyOS, which arises from improper privilege control of distributed components and can be exploited by ...
PT-2025-48960
Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.0.1, 9.4.6, 9.3.8, and 9.2.10 Splunk Cloud Platform versions prior to 10.1.2507.4, 10.0.2503.7, and 9.3.2411.116 Description A user with a role containing the change authentication high privilege capabili...
CVE-2025-59390
Apache Druid’s Kerberos authenticator uses a weak fallback secret when the druid.auth.authenticator.kerberos.cookieSignatureSecret configuration is not explicitly set. In this case, the secret is generated using ThreadLocalRandom, which is not a crypto-graphically secure random number generator...
Building Distributed Apps? Akamai and Fermyon Are Changing the Game.
...
Quantum Ramp Secret Sharing from Haar Scrambling
Quantum information scrambling has emerged as a powerful tool for studying the dynamics of chaotic quantum many-body systems, assessing benchmarking protocols, and even investigating exotic black hole models. During quantum information scrambling, localized quantum information disperses across th...
CVE-2025-58310
Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
XMall 安全漏洞
XMall is a distributed e-commerce shopping mall based on SOA architecture by an individual developer at Exrick. A security vulnerability exists in XMall v1.1, which stems from improper handling of user input and could lead to cross-site scripting attacks...
CVE-2025-58310
Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-58310
Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
EUVD-2025-199838
Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-58310
Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-58310
Permission control vulnerability in the distributed component. Impact: Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2025-58310
Huawei HarmonyOS is affected by a privilege-control vulnerability in its distributed components. The issue stems from improper privilege control within the distribution framework, potentially enabling an attacker to affect service confidentiality. The CNVD entry and related sources describe Harmo...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in Huawei HarmonyOS, which stems from improper privilege control of the Wi-Fi module and can be exploited by an...