12 matches found
EUVD-2020-5712
Malware in sbrugna...
EUVD-2024-32772
Malicious code in bioql PyPI...
CVE-2025-43754
Username enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows attackers to determine if an account exist in the...
CVE-2020-26526
An issue was discovered in Damstra Smart Asset 2020.7. It is possible to enumerate valid usernames on the login page. The application sends a different server response when the username is invalid than when the username is valid "Unable to find an APIDomain" versus "Wrong email or password"...
CVE-2024-42174
HCL MyXalytics is affected by username enumeration vulnerability. This allows a malicious user to perform enumeration of application users, and therefore compile a list of valid usernames...
PT-2025-2624 · Hcl · Hcl Myxalytics
Name of the Vulnerable Software and Affected Versions: HCL MyXalytics affected versions not specified Description: The issue allows a malicious user to perform enumeration of application users, compiling a list of valid usernames through a username enumeration vulnerability. Recommendations: At t...
CVE-2024-28232
Go package IceWhaleTech/CasaOS-UserService provides user management functionalities to CasaOS. The Casa OS Login page has disclosed the username enumeration vulnerability in the login page which was patched in version 0.4.7. This issue in CVE-2024-28232 has been patched in version 0.4.8 but that...
多款Siemens产品安全漏洞
Desigo DXR2 controllers are programmable automation stations to support the standard control needs of end HVAC equipment and TRA Total Room Automation applications. the Desigo PXC3 series of automation stations can be used in buildings where functionality and flexibility are more demanding. Use...
CVE-2020-5143
SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and G...
Design/Logic Flaw
CodeLathe FileCloud before 20.2.0.11915 allows username enumeration...
SUSE-SU-2018:3776-1 Security update for openssh
This update for openssh fixes the following issues: Following security issues have been fixed: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not...
CVE-2004-1697
The "Forgot your Password" link in Computer Associates CA Unicenter Management Portal 2.0 and 3.1 displays different error messages for users that exist and users that do not exist, which could allow remote attackers to guess valid usernames...