ROS-20260129-73-0081

Vulnerability in gitea related to inconsistent responses to incoming requests. Exploitation of the vulnerability could allow a remote attacker to gain unauthorized access to protected information...

UBUNTU-CVE-2025-62397

The router’s inconsistent response to invalid course IDs allowed attackers to infer which course IDs exist, potentially aiding reconnaissance...

The vulnerability of the IBM Security Verify Access access control system and the software for securing access to applications in a Docker environment. IBM Security Verify Access Docker, due to responses to incoming requests being inconsistent, allows unauthorized access to protected information by attackers.

The vulnerability of the IBM Security Verify Access access control system and its software for securing access to applications in a Docker environment is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability could allow an attacker operating remotely to...

The vulnerability of the graphical interface of the Fortinet FortiSOAR software for coordinating the operation of cybersecurity systems and for managing real-time incident responses allows attackers to gain unauthorized access to protected information.

The vulnerability of the graphical interface of the software platform for coordinating the operation of cybersecurity systems and for managing real-time incident responses in Fortinet FortiSOAR is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can...

The vulnerability of Websoft HCM’s automation software for HR processes lies in its inability to properly handle incoming requests, allowing attackers to disclose protected information.

The vulnerability of Websoft HCM’s automation software for HR processes is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow a malicious actor to disclose sensitive information...

The vulnerability of the Polarion ALM application lifecycle management software lies in its inability to properly handle incoming requests, allowing an attacker to gain unauthorized access to protected information.

The vulnerability of the Polarion ALM application lifecycle management software is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the SimpleOne ITSM automation system allows a attacker to carry out an attack using brute-force methods.

The vulnerability of the SimpleOne ITSM automation system is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability allows a malicious actor to carry out an attack using brute-force methods...

The vulnerability of the Mendix Runtime environment, related to inconsistencies in responses to incoming requests, allows attackers to disclose sensitive information.

The vulnerability of Mendix Runtime is related to inconsistencies in responses to incoming requests. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

The vulnerability of the IBM Sterling File Gateway file server, which stems from inconsistencies in the responses to incoming requests, allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM Sterling File Gateway file server is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the IBM Control Center’s process monitoring and control system, related to inconsistencies in responses to incoming requests, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the IBM Control Center’s process monitoring and control system lies in the inconsistency of responses to incoming requests. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the Loway QueueMetrics software for analyzing call center performance metrics lies in its inability to properly handle incoming requests, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Loway QueueMetrics performance analysis software lies in the inconsistency of its responses to incoming requests. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to protected information by sending specially crafted...

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Basic Authentication mechanism in the Mendix Runtime environment is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the SAML standard implementation in the Splunk Enterprise platform for operational analysis allows a perpetrator to carry out a brute-force attack.

The vulnerability of the SAML standard implementation in the Splunk Enterprise platform for operational analysis is related to inconsistencies in responses to incoming requests. Exploiting this vulnerability could allow a malicious actor to carry out a brute-force attack...

The vulnerability of the Ghost content management system, related to inconsistencies in responses to incoming requests, allows a hacker to disclose confidential information.

The vulnerability of the Ghost content management system is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability allows a malicious actor to disclose confidential information through a specially crafted HTTP request...

CVE-2023-40179 Silverware Games vulnerable to account enumeration via inconsistent responses

Silverware Games is a premium social network where people can play games online. Prior to version 1.3.6, the Password Recovery form would throw an error if the specified email was not found in our database. It would only display the "Enter the code" form if the email is associated with a member o...

CVE-2023-40179 Silverware Games vulnerable to account enumeration via inconsistent responses

Silverware Games is a premium social network where people can play games online. Prior to version 1.3.6, the Password Recovery form would throw an error if the specified email was not found in our database. It would only display the "Enter the code" form if the email is associated with a member o...

The vulnerability of Moxa TN-5900 series router microprogramming software, related to inconsistencies in responses to incoming requests, allows attackers to gain unauthorized access to protected information.

The vulnerability of Moxa TN-5900 series router microprogramming software is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

The vulnerability of the microprogramming software for industrial LTE modems of the Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A series, as well as the microprogramming software for wireless access points for industrial systems of the Moxa AWK-3131A, AWK-4131A, AWK-1131A, and AWK-1137C series, is related to inconsistencies in response to incoming requests. This vulnerability allows an intruder to gain unauthorized access to protected information.

The vulnerability of the microprogramming software used in industrial LTE modems of the Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A series, as well as the microprogramming software used in wireless access points for industrial systems of the Moxa AWK-3131A, AWK-4131A, AWK-1131A, and...

Authentication flaw

An issue was discovered in Synacor Zimbra Collaboration Suite 8.6.x before 8.6.0 Patch 11, 8.7.x before 8.7.11 Patch 6, 8.8.x before 8.8.8 Patch 9, and 8.8.9 before 8.8.9 Patch 3. Account number enumeration is possible via inconsistent responses for specific types of authentication requests...