39 matches found
CVE-2024-56136
Zulip server provides an open-source team chat that helps teams stay productive and focused. Zulip Server 7.0 and above are vulnerable to an information disclose attack, where, if a Zulip server is hosting multiple organizations, an unauthenticated user can make a request and determine if an emai...
CVE-2018-25049
A vulnerability was found in email-existence. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The name of the patch is 0029ba71b6ad0d8ec0baa2ecc6256d038bdd9b56. It is...
Shopware 安全漏洞
Shopware is a suite of open source e-commerce software from the German company Shopware. A security vulnerability exists in Shopware, which stems from a store-api that detects the existence of an e-mail account, which could lead to information disclosure...
CVE-2023-40179 Silverware Games vulnerable to account enumeration via inconsistent responses
Silverware Games is a premium social network where people can play games online. Prior to version 1.3.6, the Password Recovery form would throw an error if the specified email was not found in our database. It would only display the "Enter the code" form if the email is associated with a member o...
CVE-2023-40182 silverware-io-issue-tracker server responds in a noticeably different amount of time depending if a given email address exists or not
Silverware Games is a premium social network where people can play games online. When using the Recovery form, a noticeably different amount of time passes depending of whether the specified email address presents in our database or not. This has been fixed in version 1.3.7...
Regular Expression Denial Of Service (ReDoS)
email-existence is vulnerable to regular expression denial of service. The vulnerability exists in index.js because the length of the email is not properly validated which allows users to create emails using more than 300 characters causing a denial of service...
@essex/powerbi-visual-scripts (=1.1.0), @essex/visual-settings (>=1.0.0 <=3.0.0) +13 more potentially affected by CVE-2018-25049 via email-existence (>=0.1.2 <=0.1.6)
email-existence NPM version =0.1.2, =1.0.0, =1.0.0, =0.1.5, =1.0.1, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.4.1, =1.0.0, =1.1.6, =1.2.4 Source cves: CVE-2018-25049 Source advisory: OSV:GHSA-P27H-4CPF-FW48...
email-existence Inefficient Regular Expression Complexity vulnerability
A vulnerability was found in email-existence. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The name of the patch is 0029ba71b6ad0d8ec0baa2ecc6256d038bdd9b56. It is...
GHSA-P27H-4CPF-FW48 email-existence Inefficient Regular Expression Complexity vulnerability
A vulnerability was found in email-existence. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The name of the patch is 0029ba71b6ad0d8ec0baa2ecc6256d038bdd9b56. It is...
CVE-2018-25049
A vulnerability was found in email-existence. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The name of the patch is 0029ba71b6ad0d8ec0baa2ecc6256d038bdd9b56. It is...
CVE-2018-25049
A vulnerability was found in email-existence. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The name of the patch is 0029ba71b6ad0d8ec0baa2ecc6256d038bdd9b56. It is...
Design/Logic Flaw
A vulnerability was found in email-existence. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The name of the patch is 0029ba71b6ad0d8ec0baa2ecc6256d038bdd9b56. It is...
CVE-2018-25049 email-existence index.js redos
A vulnerability was found in email-existence. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The name of the patch is 0029ba71b6ad0d8ec0baa2ecc6256d038bdd9b56. It is...
CVE-2018-25049
The CVE-2018-25049 entry concerns the email-existence library, specifically the index.js component. The issue is described as an inefficient regular-expression complexity (regular expression denial of service) vulnerability, tied to how email length/validation is handled. The known patch is named...
CVE-2018-25049 email-existence index.js redos
A vulnerability was found in email-existence. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The name of the patch is 0029ba71b6ad0d8ec0baa2ecc6256d038bdd9b56. It is...
email-existence 安全漏洞
email-existence is a library for checking the legitimacy of email messages. A security vulnerability exists in email-existence. An attacker exploited the vulnerability to cause an increase in the complexity of regular expressions...
PT-2022-8059 · Unknown · Email-Existence
Name of the Vulnerable Software and Affected Versions: email-existence affected versions not specified Description: A vulnerability was found in email-existence, rated as problematic. It affects some unknown functionality of the file index.js. The manipulation leads to inefficient regular...
CVE-2019-6122
A Username Enumeration via Error Message issue was discovered in NiceHash Miner before 2.0.3.0 because an "EMAIL DOES NOT EXIST" error message occurs whenever a submitted email address is incorrect, but there is a different error message for invalid credentials with a correct email address...
Nextcloud: The password recovery let users know whether an email address exists or not in the website
URL: https://apps.nextcloud.com/password/reset/ I have tried to recover the password for some emails: [email protected] exists [email protected] does not exists After I clicked the "reset my password"'s button, the website informed that the email did not exist. Impact This is a bad practice, and it ...