CVE-2025-52916

Yealink RPS before 2025-06-04 lacks SN verification attempt limits, enabling brute-force enumeration last five digits...

CVE-2025-52916

Yealink RPS before 2025-06-04 lacks SN verification attempt limits, enabling brute-force enumeration last five digits...

CVE-2025-52916

The CVE-2025-52916 entry concerns Yealink YMCS RPS prior to 2025-06-04, where the system lacks serial-number verification attempt limits, enabling brute-force enumeration of the last five digits. The issue is supported by multiple connected sources (CVE listing, Red Hat, CNNVD, PT Security, and C...

CVE-2025-0693

Variable response times in the AWS Sign-in IAM user login flow allowed for the use of brute force enumeration techniques to identify valid IAM usernames in an arbitrary AWS account...

CVE-2024-38322

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...

CVE-2025-0693

Variable response times in the AWS Sign-in IAM user login flow allowed for the use of brute force enumeration techniques to identify valid IAM usernames in an arbitrary AWS account...

CVE-2024-38322

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869...

CVE-2024-38322

CVE-2024-38322 affects IBM Storage Defender – Resiliency Service, versions 2.0.0–2.0.4. The issue is an agent username/password error response discrepancy that can expose the product to brute‑force credential enumeration. Impact is described as potential data confidentiality impact; CVSS data pre...

CVE-2023-47102

UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid...

CVE-2023-47102

UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid...

UrBackup Security Vulnerability

UrBackup is an open source backup and recovery system for multiple platforms. A security vulnerability exists in UrBackup Server version 2.5.31, which stems from a failure message that confirms an invalid username and can be exploited by an attacker to brute force enumerate user accounts...

CVE-2023-47102

UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid...

PT-2023-30310 · Unknown · Urbackup Server

Name of the Vulnerable Software and Affected Versions: UrBackup Server version 2.5.31 Description: The issue allows for brute-force enumeration of user accounts. This is possible because a failure message confirms when a username is not valid. Recommendations: For UrBackup Server version 2.5.31,...

CVE-2020-35398

An issue was discovered in UTI Mutual fund Android application 5.4.18 and prior, allows attackers to brute force enumeration of usernames determined by the error message returned after invalid credentials are attempted...

VANOC Enterprise Website Management System PHP 3.5 has a Logic Flaw Vulnerability

Vanno enterprise website management system PHP is based on php + MySQL development of enterprise website management system. VANOC Enterprise Website Management System PHP 3.5 has a logic flaw vulnerability that can be exploited by attackers to brute-force enumerate administrator usernames and...

Oracle Linux 5 : tomcat (ELSA-2009-1164)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2009-1164 advisory. - add patch for CVE-2007-5333 Resolves: rhbz427779 - add patch for CVE-2008-5515 Resolves: rhbz504758 - add patch for CVE-2009-0033 - add patch for...