16 matches found
EUVD-2001-1283
Malware in sbrugna...
EUVD-2022-46984
Malicious code in bioql PyPI...
EUVD-2025-14290
Malicious code in bioql PyPI...
EUVD-2022-46985
Malicious code in bioql PyPI...
CVE-2025-24391
A vulnerability in the External Interface of OTRS allows conclusions to be drawn about the existence of user accounts through different HTTP response codes and messages. This enables an attacker to systematically identify valid email addresses. This issue affects: OTRS 7.0.X OTRS 8.0.X OTRS 2023....
CVE-2022-44022
PwnDoc through 0.5.3 might allow remote attackers to identify valid user account names by leveraging response timings for authentication attempts...
CVE-2025-46747
An authenticated user without user-management permissions could identify other user accounts...
CVE-2022-44023
PwnDoc through 0.5.3 might allow remote attackers to identify disabled user account names by leveraging response messages for authentication attempts...
CVE-2022-44022
PwnDoc through 0.5.3 might allow remote attackers to identify valid user account names by leveraging response timings for authentication attempts...
CVE-2022-44022
PwnDoc up to version 0.5.3 is affected by an authentication timing flaw that could allow remote attackers to enumerate valid user account names. Affected component is the authentication mechanism in PwnDoc (0.5.3 and earlier). The root cause is timing-based disclosure during login attempts, enabl...
IBM Security Secret Server Information Disclosure Vulnerability (CNVD-2022-05089)
IBM Security Secret Server is a privileged access management solution from IBM Corporation. The product supports password management, privileged account identification, and privileged session access monitoring logs.A security vulnerability exists prior to IBM Security Secret Server 11.0, which...
IBM Security Secret Server Information Disclosure Vulnerability (CNVD-2022-05088)
IBM Security Secret Server is a privileged access management solution from IBM Corporation. The product supports password management, privileged account identification, and privileged session access monitoring and logging. security vulnerabilities existed prior to IBM Security Secret Server 11.0,...
IBM Security Secret Server 安全漏洞
IBM Security Secret Server is a privileged access management solution from IBM Corporation. The product supports password management, privileged account identification, and privileged session access monitoring and logging. security vulnerabilities existed prior to IBM Security Secret Server 11.0,...
CVE-2001-1483
CVE-2001-1483 affects OPIE (One-Time Passwords In Everything) versions 2.32 and 2.4. It permits remote attackers to determine whether a user account exists by observing how passphrases are printed: random passphrases if the account does not exist, static passphrases if it does. This is an informa...
CVE-1999-1231
CVE-1999-1231 affects SSH 2.0.12 (and possibly later versions). The vulnerability arises because an attacker can try multiple password attempts using valid usernames, yet the system only prompts “invalid user” once, enabling remote disclosure of valid account names on the server. The description ...
CVE-2001-1302
The change password option in the Windows Security interface for Windows 2000 allows attackers to use the option to attempt to change passwords of other users on other systems or identify valid accounts by monitoring error messages, possibly due to a problem in the NetuserChangePassword function...