Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

49 matches found

RedHat Linux
RedHat Linuxadded 2018/05/15 7:44 p.m.0 views

ovirt-engine: account enumeration through login to web console

The ovirt-engine web console login form returned different errors for non-existent users and invalid passwords, allowing an attacker to discover the names of valid user accounts...

5.3CVSS5.8AI score0.00269EPSS
Exploits0References4
OSV
OSVadded 2017/11/15 8:29 a.m.0 views

DEBIAN-CVE-2017-8810

MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2, when a private wiki is configured, provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account names and conduct brute-force attack...

7.5CVSS6.9AI score0.00959EPSS
Exploits0References1
OSV
OSVadded 2017/04/29 12:59 a.m.3 views

CVE-2017-7945

The GlobalProtect external interface in Palo Alto Networks PAN-OS before 6.1.17, 7.x before 7.0.15, 7.1.x before 7.1.9, and 8.x before 8.0.2 provides different error messages for failed login attempts depending on whether the username exists, which allows remote attackers to enumerate account nam...

9.8CVSS7.4AI score0.00437EPSS
Exploits0References1
OSV
OSVadded 2016/08/05 2:59 p.m.3 views

CVE-2016-6145

The SQL interface in SAP HANA DB 1.00.091.00.1418659308 provides different error messages for failed login attempts depending on whether the username exists and is locked when the detailederroronconnect option is not supported or is configured as "False," which allows remote attackers to enumerat...

5.3CVSS5.9AI score0.0039EPSS
Exploits0References5
OSV
OSVadded 2007/01/09 12:28 a.m.2 views

DEBIAN-CVE-2007-0109

wp-login.php in WordPress 2.0.5 and earlier displays different error messages if a user exists or not, which allows remote attackers to obtain sensitive information and facilitates brute force attacks...

5CVSS6.2AI score0.01387EPSS
Exploits0References1
Atlassian
Atlassianadded 2005/02/10 3:49 p.m.18 views

Logon with wrong user/password gives 'weird' errorpage.

Error screen after wrong login is 'weird'...

0.9AI score
Exploits0Affected Software1
Atlassian
Atlassianadded 2002/07/09 10:11 p.m.25 views

Login errors in 1.3

When logging in as our special user who is restricted to one certain project, I get this error message from secure/Dashboard.jspa java.lang.IllegalArgumentException: Source may not be null at webwork.util.SubsetIteratorFilter.setSourceSubsetIteratorFilter.java:33 at...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassianadded 2002/07/09 10:11 p.m.20 views

Login errors in 1.3

When logging in as our special user who is restricted to one certain project, I get this error message from secure/Dashboard.jspa java.lang.IllegalArgumentException: Source may not be null at webwork.util.SubsetIteratorFilter.setSourceSubsetIteratorFilter.java:33 at...

2.4AI score
Exploits0Affected Software1
Atlassian
Atlassianadded 2002/07/09 10:11 p.m.21 views

Login errors in 1.3

When logging in as our special user who is restricted to one certain project, I get this error message from secure/Dashboard.jspa java.lang.IllegalArgumentException: Source may not be null at webwork.util.SubsetIteratorFilter.setSourceSubsetIteratorFilter.java:33 at...

2.4AI score
Exploits0
Rows per page
Query Builder