10 matches found
CVE-2026-26185
Directus is a real-time API and App dashboard for managing SQL database content. Before 11.14.1, a timing-based user enumeration vulnerability exists in the password reset functionality. When an invalid reseturl parameter is provided, the response time differs by approximately 500ms between...
CVE-2026-26185
Directus before v11.14.1 is affected by a timing-based user enumeration vulnerability in the password reset flow. When an invalid reset_url is supplied, responses differ by about 500ms between existing and non-existing users, enabling enumeration of valid usernames. The issue is fixed in v11.14.1...
CVE-2026-26185 Directus Affected by User Enumeration via Password Reset Timing Attack
Directus is a real-time API and App dashboard for managing SQL database content. Before 11.14.1, a timing-based user enumeration vulnerability exists in the password reset functionality. When an invalid reseturl parameter is provided, the response time differs by approximately 500ms between...
CVE-2026-26185 Directus Affected by User Enumeration via Password Reset Timing Attack
Directus is a real-time API and App dashboard for managing SQL database content. Before 11.14.1, a timing-based user enumeration vulnerability exists in the password reset functionality. When an invalid reseturl parameter is provided, the response time differs by approximately 500ms between...
CVE-2026-26185
Directus is a real-time API and App dashboard for managing SQL database content. Before 11.14.1, a timing-based user enumeration vulnerability exists in the password reset functionality. When an invalid reseturl parameter is provided, the response time differs by approximately 500ms between...
CVE-2026-26185 Directus Affected by User Enumeration via Password Reset Timing Attack
Directus is a real-time API and App dashboard for managing SQL database content. Before 11.14.1, a timing-based user enumeration vulnerability exists in the password reset functionality. When an invalid reseturl parameter is provided, the response time differs by approximately 500ms between...
PT-2026-7914
Name of the Vulnerable Software and Affected Versions Directus versions prior to 11.14.1 Description A timing-based user enumeration issue exists in the password reset functionality. Providing an invalid reset url parameter results in differing response times – approximately 500ms – between...
Directus 安全漏洞
Directus is an open-source real-time API and application dashboard developed by Directus. It is used to manage SQL database content. Versions of Directus prior to 11.14.1 contained a security vulnerability. This vulnerability stemmed from a time-based user enumeration vulnerability in the passwor...
Fedora 21 : asterisk-11.14.1-1.fc21 (2014-15621)
Fri Nov 21 2014 Jeffrey C. Ollie - 11.14.1-1 - The Asterisk Development Team has announced security releases for Certified - Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available - security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, - 11.14.1, 12.7.1,...
Mandriva Linux Security Advisory : asterisk (MDVSA-2014:218)
Multiple vulnerabilities has been discovered and corrected in asterisk : Remote crash when handling out of call message in certain dialplan configurations CVE-2014-6610. Asterisk Susceptibility to POODLE Vulnerability CVE-2014-3566. Mixed IP address families in access control lists may permit...