EUVD-2025-31378

Malicious code in bioql PyPI...

CVE-2025-45994

An issue in Aranda PassRecovery v1.0 allows attackers to enumerate valid user accounts in Active Directory via sending a crafted POST request to /user/existdirectory/1...

CVE-2025-45994

An issue in Aranda PassRecovery v1.0 allows attackers to enumerate valid user accounts in Active Directory via sending a crafted POST request to /user/existdirectory/1...

CVE-2025-45994

An issue in Aranda PassRecovery v1.0 allows attackers to enumerate valid user accounts in Active Directory via sending a crafted POST request to /user/existdirectory/1...

CVE-2025-45994

An issue in Aranda PassRecovery v1.0 allows attackers to enumerate valid user accounts in Active Directory via sending a crafted POST request to /user/existdirectory/1...

PT-2025-39669

Name of the Vulnerable Software and Affected Versions Aranda PassRecovery version 1.0 Description An issue allows attackers to enumerate valid user accounts in Active Directory. This is achieved by sending a crafted POST request to the /user/existdirectory/1 API endpoint. The POST request allows...

Aranda PassRecovery 安全漏洞

Aranda PassRecovery is a password recovery tool from the Colombian company Aranda. A security vulnerability exists in Aranda PassRecovery version 1.0, which stems from an unauthenticated specially crafted POST request that could lead to the enumeration of valid user accounts in Active Directory...