CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Overview Affected versions of this package are vulnerable to Observable Discrepancy in the authentication process, when Multi-Attribute Login is enabled. An attacker can determine the existence of valid usernames by observing distinct error messages returned by the system in response to login...

6.3CVSS6.7AI score0.00033EPSS

Exploits0References3

RedhatCVE•added 2025/09/25 8:41 a.m.•10 views

CVE-2025-9031

Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing.This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15...

4.3CVSS6.9AI score0.00059EPSS

Exploits0References1

NVD•added 2025/09/24 9:15 a.m.•3 views

CVE-2025-9031

Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing. This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15...

4.3CVSS0.00059EPSS

Exploits0References2

ATTACKERKB•added 2025/09/24 8:25 a.m.•2 views

CVE-2025-9031

Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing. This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15...

4.3CVSS5.4AI score0.00059EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2025/09/24 12:0 a.m.•3 views

PT-2025-39236

Name of the Vulnerable Software and Affected Versions DivvyDrive Web versions 4.8.2.2 through 4.8.2.15 Description An issue exists in DivvyDrive Web that allows for Cross-Domain Search Timing. This is due to an Observable Timing Discrepancy. Recommendations Update to a version later than 4.8.2.15...

4.3CVSS6.6AI score0.00059EPSS

Exploits0References6

Tenable Nessus•added 2025/09/03 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2018-11100

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The decompileSETTARGET function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size,...

8.8CVSS8.2AI score0.00493EPSS

Exploits0References2

Positive Technologies•added 2025/08/22 12:0 a.m.•5 views

PT-2025-34460 · Reolink · Reolink Smart 2K+ Plug-In Wi-Fi Video Doorbell

Name of the Vulnerable Software and Affected Versions: Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime version 3.0.0.4662 2503122283 Description: A discrepancy in the error message returned by the login function when providing incorrect credentials allows attackers to enumerate existing...

7.3CVSS7.2AI score0.00113EPSS

Exploits1References5

CVE•added 2025/08/22 12:0 a.m.•13 views

CVE-2025-55630

The CVE-2025-55630 entry concerns Reolink Smart 2K+ Plug-in Wi‑Fi Video Doorbell with Chime, firmware 3.0.0.4662_2503122283. A discrepancy in the login error message when credentials are incorrect allows attackers to enumerate existing accounts. Public details across connected sources confirm the...

7.3CVSS6.8AI score0.00113EPSS

Exploits1References1Affected Software1

Cvelist•added 2025/08/22 12:0 a.m.•7 views

CVE-2025-55630

A discrepancy in the error message returned by the login function of Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime - firmware v3.0.0.46622503122283 when entering the wrong username and password allows attackers to enumerate existing accounts...

0.00113EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by