Lucene search
+L

151 matches found

ATTACKERKB
ATTACKERKB
added 2022/06/20 12:0 a.m.9 views

CVE-2022-31248

A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, SUSE Manager Server 4.2 allows remote attackers to discover valid usernames. This issue affects: SUSE Manager Server 4.1 spacewalk-java versions prior to 4.1.46-1. SUSE Manager Server 4.2 spacewalk-java...

5.3CVSS6.8AI score0.00968EPSS
Exploits1References2
NVD
NVD
added 2022/01/03 10:15 p.m.30 views

CVE-2021-20147

ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in the UMCP operation of the ChangePasswordAPI. This allows an unauthenticated remote attacker to determine whether a Windows domain user exists...

5.3CVSS0.069EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2021/09/20 7:53 p.m.38 views

Observable Response Discrepancy in Lost Password Service

Impact It is possible to enumerate usernames via the forgot password functionality Patches Update to version 10.1.3 or apply this patch manually: https://github.com/pimcore/pimcore/pull/10223.patch Workarounds Apply https://github.com/pimcore/pimcore/pull/10223.patch manually...

5.3CVSS5.7AI score0.01284EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2021/09/15 1:50 p.m.23 views

CVE-2021-39189 Observable Response Discrepancy in Lost Password Service

Pimcore is an open source data & experience management platform. In versions prior to 10.1.3, it is possible to enumerate usernames via the forgot password functionality. This issue is fixed in version 10.1.3. As a workaround, one may apply the available patch manually...

5.3CVSS5.3AI score0.01284EPSS
Exploits0References4
NVD
NVD
added 2021/06/09 8:15 p.m.19 views

CVE-2021-0089

Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...

6.5CVSS0.00372EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2021/06/09 8:15 p.m.22 views

CVE-2021-0089

Observable response discrepancy in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...

6.5CVSS6.6AI score0.00372EPSS
Exploits0References6
Prion
Prion
added 2021/06/09 8:15 p.m.22 views

Information disclosure

Observable response discrepancy in floating-point operations for some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...

2.1CVSS6.2AI score0.00372EPSS
Exploits0References7Affected Software2
NVD
NVD
added 2020/05/22 9:15 p.m.19 views

CVE-2020-13413

An issue was discovered in Aviatrix Controller before 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force...

5.3CVSS5.2AI score0.01369EPSS
Exploits1References2
Prion
Prion
added 2020/05/22 9:15 p.m.15 views

Information disclosure

An issue was discovered in Aviatrix Controller before 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force...

5CVSS5.2AI score0.01369EPSS
Exploits1References2Affected Software2
Cvelist
Cvelist
added 2020/05/22 8:48 p.m.20 views

CVE-2020-13413

An issue was discovered in Aviatrix Controller before 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force...

5.3AI score0.01369EPSS
Exploits1References2
CVE
CVE
added 2020/05/22 8:48 p.m.130 views

CVE-2020-13413

CVE-2020-13413 affects Aviatrix Controller prior to version 5.4.1204. The issue is an observable response discrepancy in the API that makes it easier to enumerate valid usernames via brute force. Public references across multiple feeds describe this information disclosure vulnerability tying to u...

5.3CVSS5.2AI score0.01369EPSS
Exploits1References2Affected Software2
Rows per page
Query Builder