Lucene search
+L

4 matches found

cnnvd
cnnvd
added 2026/06/11 12:0 a.m.15 views

VMware Spring Web Services 安全漏洞

VMware Spring Web Services is a SOAP Web services development framework provided by the American company VMware. There are security vulnerabilities in versions 5.0.0 to 5.0.1, 4.1.0 to 4.1.3, 4.0.0 to 4.0.18, and 3.1.0 to 3.1.8 of VMware Spring Web Services. These vulnerabilities stem from the...

5.3CVSS5.5AI score0.00366EPSS
Exploits0References1
osv
osv
added 2026/03/25 7:53 p.m.5 views

GHSA-M99F-MMVG-3XMX AVideo has Pre-Captcha User Enumeration and Account Status Disclosure in Password Recovery Endpoint

Summary The password recovery endpoint at objects/userRecoverPass.php performs user existence and account status checks before validating the captcha. This allows an unauthenticated attacker to enumerate valid usernames and determine whether accounts are active, inactive, or banned — at scale and...

5.3CVSS5.9AI score0.00278EPSS
Exploits1References4
cve
cve
added 2026/03/23 6:43 p.m.11 views

CVE-2026-33688

WWBN AVideo

5.3CVSS5.8AI score0.00278EPSS
Exploits1References2Affected Software1
cvelist
cvelist
added 2026/03/23 6:43 p.m.23 views

CVE-2026-33688 AVideo has Pre-Captcha User Enumeration and Account Status Disclosure in Password Recovery Endpoint

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the password recovery endpoint at objects/userRecoverPass.php performs user existence and account status checks before validating the captcha. This allows an unauthenticated attacker to enumerate valid usernames a...

5.3CVSS0.00278EPSS
Exploits1References2
Rows per page
Query Builder