5 matches found
CVE-2026-44595 Yamcs: Unauthorized user enumeration via IAM API endpoints
Yamcs is a mission control framework. Prior to 5.12.7, the IAM API endpoints listUsers, getUser, listGroups, and getGroup in yamcs-core did not enforce the required SystemPrivilege.ControlAccess check in yamcs-core/src/main/java/org/yamcs/http/api/IamApi.java, so any authenticated user, even one...
Exploit for CVE-2026-44595
CVE-2026-44595 — YAMCS Unauthorized User Enumeration via IAM A...
EUVD-2023-32055
Malicious code in bioql PyPI...
CVE-2023-30437 IBM Security Guardium information disclosure
IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293...
CVE-2021-34580
In mymbCONNECT24, mbCONNECT24 = 2.9.0 an unauthenticated user can enumerate valid backend users by checking what kind of response the server sends for crafted invalid login attempts...