CVE-2024-36510

An observable response discrepancy vulnerability CWE-204 in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to enumerate valid use...

CVE-2024-36510

An observable response discrepancy vulnerability CWE-204 in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to enumerate valid use...

CVE-2024-13198

A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepancy. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...

CVE-2024-13198

CVE-2024-13198 affects langhsu Mblog Blog System 3.5.0. The vulnerability is in an unknown function of the file /login , causing an observable response discrepancy. It can be exploited remotely, with attack complexity described as high. Exploit has been disclosed publicly. Vendor response to disc...

CVE-2024-13198 langhsu Mblog Blog System login observable response discrepancy

A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepancy. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...

CVE-2024-13028

A vulnerability, which was classified as problematic, has been found in Antabot White-Jotter up to 0.2.2. This issue affects some unknown processing of the file /login. The manipulation of the argument username leads to observable response discrepancy. The attack may be initiated remotely. The...

CVE-2024-54454

An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. An Observable Response Discrepancy vulnerability in the sendPasswordReinitLink action of the unlogged.do page allows remote attackers to test whether a username is valid or...

CVE-2024-54454

An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. An Observable Response Discrepancy vulnerability in the sendPasswordReinitLink action of the unlogged.do page allows remote attackers to test whether a username is valid or...

PT-2024-36340 · Kurmi · Kurmi Provisioning Suite

Name of the Vulnerable Software and Affected Versions: Kurmi Provisioning Suite versions prior to 7.9.0.35 Kurmi Provisioning Suite versions 7.10.x through 7.10.0.18 Kurmi Provisioning Suite versions 7.11.x through 7.11.0.15 Description: An issue was discovered in the sendPasswordReinitLink actio...

CVE-2024-54454

CVE-2024-54454 affects Kurmi Provisioning Suite prior to 7.9.0.35, 7.10.x ≤ 7.10.0.18, and 7.11.x ≤ 7.11.0.15. The issue is an observable response discrepancy in the sendPasswordReinitLink action on the unlogged.do page, enabling remote attackers to determine whether a given username is valid (us...

CVE-2024-12663

A vulnerability classified as problematic was found in funnyzpc Mee-Admin up to 1.6. This vulnerability affects unknown code of the file /mee/login of the component Login. The manipulation of the argument username leads to observable response discrepancy. The attack can be initiated remotely. The...

CVE-2024-12663 funnyzpc Mee-Admin Login login observable response discrepancy

A vulnerability classified as problematic was found in funnyzpc Mee-Admin up to 1.6. This vulnerability affects unknown code of the file /mee/login of the component Login. The manipulation of the argument username leads to observable response discrepancy. The attack can be initiated remotely. The...

CVE-2024-12663 funnyzpc Mee-Admin Login login observable response discrepancy

A vulnerability classified as problematic was found in funnyzpc Mee-Admin up to 1.6. This vulnerability affects unknown code of the file /mee/login of the component Login. The manipulation of the argument username leads to observable response discrepancy. The attack can be initiated remotely. The...

CVE-2024-48533

A discrepancy between responses for valid and invalid e-mail accounts in the Forgot your Login? module of eSoft Planner 3.24.08271-USA allows attackers to enumerate valid user e-mail accounts...

CVE-2024-48533

A discrepancy between responses for valid and invalid e-mail accounts in the Forgot your Login? module of eSoft Planner 3.24.08271-USA allows attackers to enumerate valid user e-mail accounts...

CVE-2024-48533

A discrepancy between responses for valid and invalid e-mail accounts in the Forgot your Login? module of eSoft Planner 3.24.08271-USA allows attackers to enumerate valid user e-mail accounts...

PT-2025-1529 · Ibm · Ibm Sterling File Gateway

Name of the Vulnerable Software and Affected Versions: IBM Sterling File Gateway versions 6.0.0.0 through 6.1.2.5 IBM Sterling File Gateway versions 6.2.0.0 through 6.2.0.1 Description: The issue is related to an observable discrepancy in request responses, which could allow an authenticated user...

CVE-2024-31074

Observable timing discrepancy in some IntelR QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access...

CVE-2024-28885

Observable discrepancy in some IntelR QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access...

CVE-2024-31074

Observable timing discrepancy in some IntelR QAT Engine for OpenSSL software before version v1.6.1 may allow information disclosure via network access...