CVE-2025-20388

CVE-2025-20388 affects Splunk Enterprise and Splunk Cloud Platform. A user with a role that has the high-privilege capability change_authentication could enumerate internal IP addresses and network ports when adding new search peers to a Splunk search head in a distributed environment. Affected v...

Splunk Cloud Platform和Splunk Enterprise 代码问题漏洞

Splunk Cloud Platform and Splunk Enterprise are both products of Splunk Corporation, U.S.A. Splunk Cloud Platform is a powerful data collection, processing, and analytics service.Splunk Enterprise is a suite of data collection and analytics software. A code issue vulnerability exists in Splunk...

PT-2025-48960

Name of the Vulnerable Software and Affected Versions Splunk Enterprise versions prior to 10.0.1, 9.4.6, 9.3.8, and 9.2.10 Splunk Cloud Platform versions prior to 10.1.2507.4, 10.0.2503.7, and 9.3.2411.116 Description A user with a role containing the change authentication high privilege capabili...

Information Leakage

symfony/http-client is vulnerable to IP/port enumeration. The vulnerability is due to improper handling of IP filtering in the NoPrivateNetworkHttpClient, which fails to block certain IPs early enough during host resolution, allowing an attacker to enumerate IP addresses and ports, potentially...

CVE-2024-50342

symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the NoPrivateNetworkHttpClient, some internal information is still leaking during host resolution, which leads to possible IP/port...

CVE-2024-50342 Internal address and port enumeration allowed by NoPrivateNetworkHttpClient in symfony/http-client

symfony/http-client is a module for the Symphony PHP framework which provides powerful methods to fetch HTTP resources synchronously or asynchronously. When using the NoPrivateNetworkHttpClient, some internal information is still leaking during host resolution, which leads to possible IP/port...

Symfony allows internal address and port enumeration by NoPrivateNetworkHttpClient

Description When using the NoPrivateNetworkHttpClient, some internal information is still leaking during host resolution, which leads to possible IP/port enumeration. Resolution The NoPrivateNetworkHttpClient now filters blocked IPs earlier to prevent such leaks. The fisrt patch for this issue is...

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Checkpoint Quantum_Spark_Firmware

CVE-2024-24919 Usage - Usage: ./CVE-2024-24919.sh -i -p...

PT-2021-19423 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.35.2 Description: An issue in the AbuseFilter extension for MediaWiki allows certain rules related to blocking accounts after account creation to be executed incorrectly. This could enable user accounts to be...