EUVD-2021-7604

Malicious code in bioql PyPI...

CVE-2021-20147

ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in the UMCP operation of the ChangePasswordAPI. This allows an unauthenticated remote attacker to determine whether a Windows domain user exists...

ZOHO ManageEngine ADSelfService Plus has an unspecified vulnerability (CNVD-2022-02473)

A security vulnerability exists in ZOHO ManageEngine ADSelfService Plus, ZOHO's integrated self-service password management and single sign-on solution for Active Directory and cloud applications. The vulnerability stems from build 6116 of ManageEngine ADSelfService Plus containing an observable...

CVE-2021-20147

ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in the UMCP operation of the ChangePasswordAPI. This allows an unauthenticated remote attacker to determine whether a Windows domain user exists...

Design/Logic Flaw

ManageEngine ADSelfService Plus below build 6116 contains an observable response discrepancy in the UMCP operation of the ChangePasswordAPI. This allows an unauthenticated remote attacker to determine whether a Windows domain user exists...

CVE-2021-20147

Affected product: ManageEngine ADSelfService Plus (below build 6116). Vulnerability: observable response discrepancy in the UMCP operation of the ChangePasswordAPI that can be exploited by an unauthenticated remote attacker to determine whether a Windows domain user exists. Root cause / vulnerabi...