929 matches found
Observable Discrepancy
github.com/zitadel/zitadel is vulnerable to Observable Discrepancy. The vulnerability is caused by the "Ignoring unknown usernames" flag not being respected correctly in all cases. This can allow an attacker to learn whether an account exists within ZITADEL...
CVE-2024-38431
Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy...
CVE-2024-38431
CVE-2024-38431 relates to Matrix Tafnit v8 and CWE-204: Observable Response Discrepancy. The available documents identify Matrix Tafnit version 8 as affected, with the underlying issue described as an observable response discrepancy. Exploitation status is not documented in the provided sources. ...
CVE-2024-38431 Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy
Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy...
PT-2024-28000 · Unknown · Matrix Tafnit
Name of the Vulnerable Software and Affected Versions: Matrix Tafnit version 8. Description: The issue is related to Observable Response Discrepancy, identified as CWE-204. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents where...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the fact that if a requested function is not set in the kernel configuration, it currently fails silently an...
Hitachi Energy AFS/AFR Series Products
1. EXECUTIVE SUMMARY. CVSS v3 7.5. ATTENTION: Exploitable remotely/low attack complexity. Vendor: Hitachi Energy. Equipment: AFS650, AFS660, AFS665, AFS670, AFS675, AFS677, AFR677. Vulnerabilities: Type Confusion, Use After Free, Double Free, Observable Discrepancy. 2. RISK EVALUATION...
ROS-20240717-05
A vulnerability in the implementation of PKCS1 v1.5, OAEP, and RSASVP standards in the NSS Network Security Services library set is associated with insufficient protection of service data due to time discrepancy. Exploitation of the vulnerability allows an attacker acting remotely to implement th...
CVE-2023-33859
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697...
CVE-2023-33859 IBM Security ReaQta information disclosure
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697...
Improper Authentication
Mattermost is vulnerable to Improper Authentication. The vulnerability is caused by the failure to use constant-time comparison for remote cluster tokens, possibly allowing an attacker to retrieve the token during comparison due to the timing discrepancy...
CVE-2024-38322 IBM Storage Defender information disclosure
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...
CVE-2024-6129
A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected is an unknown function of the file /login of the component Username Handler. The manipulation of the argument email leads to observable behavioral discrepancy. It is possible to launch the attack...
CVE-2024-6129
CVE-2024-6129 affects spa-cartcms 1.9.0.6, specifically the Username Handler component’s /login function where manipulating the email argument causes observable behavior differences. All connected sources confirm remote exposure with high attack complexity and a disclosed exploit; exploitation st...
CVE-2024-6129 spa-cartcms Username login observable behavioral discrepancy
A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected is an unknown function of the file /login of the component Username Handler. The manipulation of the argument email leads to observable behavioral discrepancy. It is possible to launch the attack...
CVE-2024-34024
Observable response discrepancy issue exists in ID Link Manager and FUJITSU Software TIME CREATOR. If this vulnerability is exploited, an unauthenticated remote attacker may determine if a username is valid or not...
CVE-2024-34024
CVE-2024-34024 is a vulnerability in ID Link Manager and FUJITSU Software TIME CREATOR where an unauthenticated attacker can determine whether a username is valid due to an observable response discrepancy. Affected products/versions (per sources) include: ID Link Manager II ≤1.8, ID Link Manager ...
PT-2024-25651 · Fujitsu · Fujitsu Software Time Creator
Name of the Vulnerable Software and Affected Versions: ID Link Manager (affected versions not specified); FUJITSU Software TIME CREATOR (affected versions not specified). Description: The issue allows an unauthenticated remote attacker to determine if a username is valid or not by exploiting an...