Lucene search
K

83 matches found

ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.5 views

CVE-2022-34174

In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm...

7.5CVSS6.8AI score0.01229EPSS
Exploits0References2
Prion
Prion
added 2022/06/23 5:15 p.m.31 views

Default credentials

In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm...

5CVSS8.1AI score0.01229EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/09/14 7:15 p.m.26 views

CVE-2020-13289

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. In certain cases an invalid username could be accepted when 2FA is activated...

5.5CVSS0.00687EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/09/14 12:0 a.m.2 views

PT-2020-13430 · Gitlab · Gitlab

Name of the Vulnerable Software and Affected Versions: GitLab versions prior to 13.1.10 GitLab versions prior to 13.2.8 GitLab versions prior to 13.3.4 Description: A vulnerability was discovered in certain cases where an invalid username could be accepted when 2FA is activated. Recommendations:...

5.5CVSS5.2AI score0.00687EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2020/04/16 12:0 a.m.25 views

EulerOS Virtualization 3.0.2.2 : cups (EulerOS-SA-2020-1461)

According to the versions of the cups package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The addjob function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by...

8.8CVSS6.1AI score0.02255EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2020/03/13 12:0 a.m.25 views

EulerOS Virtualization for ARM 64 3.0.2.0 : cups (EulerOS-SA-2020-1227)

According to the version of the cups package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The addjob function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attacke...

5.3CVSS6.2AI score0.02255EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2019-2422)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.02255EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/12/04 12:0 a.m.23 views

EulerOS 2.0 SP2 : cups (EulerOS-SA-2019-2422)

According to the version of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The addjob function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs...

5.3CVSS6.3AI score0.02255EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.24 views

EulerOS 2.0 SP5 : cups (EulerOS-SA-2019-2135)

According to the version of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The addjob function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs...

5.3CVSS6.3AI score0.02255EPSS
Exploits1References2
CNVD
CNVD
added 2019/08/07 12:0 a.m.5 views

cPanel Input Validation Error Vulnerability (CNVD-2019-29604)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A security vulnerability exists in versions of cPanel prior to 68.0.15, which stems from the program allowing user accounts to be...

4CVSS6.8AI score0.00622EPSS
Exploits0References1
NVD
NVD
added 2019/08/02 2:15 p.m.19 views

CVE-2017-18401

cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats SEC-334...

4CVSS3.8AI score0.00622EPSS
Exploits0References2
Prion
Prion
added 2019/08/02 2:15 p.m.17 views

Design/Logic Flaw

cPanel before 68.0.15 allows user accounts to be partially created with invalid username formats SEC-334...

4CVSS4.1AI score0.00622EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2019/08/02 1:10 p.m.54 views

CVE-2017-18401

CVE-2017-18401 affects cPanel prior to 68.0.15, where account creation could partially succeed with invalid username formats (SEC-334). The vulnerability is documented across multiple sources (NVD/Red Hat/CNVD). A patch to 68.0.15 or later is the stated remediation in available references; no exp...

4CVSS4.1AI score0.00622EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/03/21 3:59 p.m.4 views

UBUNTU-CVE-2017-2659

It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an invalid username is given, the GSSAPI authentication failure was incorrectly counted towards the maximum allowed number of password attempts...

7.5CVSS5.8AI score0.01505EPSS
Exploits0References3
Packet Storm
Packet Storm
added 2018/08/16 12:0 a.m.67 views

OpenSSH 7.x Username Enumeration

!/usr/bin/env python Copyright c 2018 Matthew Daley Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files the "Software", to deal in the Software without restriction, including without limitation the rights to use, copy,...

7.4AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2018/06/28 12:0 a.m.5 views

Fuzzer SMB Session Setup Invalid Username - Ver2

A vulnerability exists in Fuzzer. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

4.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/05/29 12:0 a.m.30 views

Debian DLA-1387-1 : cups security update

CVE-2017-18248 It was found that by submitting a print job with an invalid username, the CUPS server can be crashed, when D-Bus support is enabled which is the case for Debian. For Debian 7 'Wheezy', these problems have been fixed in version 1.5.3-5+deb7u8. We recommend that you upgrade your cups...

5.3CVSS6.2AI score0.02255EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2018/05/27 12:0 a.m.29 views

Debian: Security Advisory (DLA-1387-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.3CVSS5.8AI score0.02255EPSS
Exploits1References3
OSV
OSV
added 2018/05/09 6:33 p.m.6 views

MGASA-2018-0224 Updated cups packages fix security vulnerability

CUPS before version 2.2.6 has a vulnerability in the handling of usernames in the scheduler/ipp.c:addjob function. A remote attacker could exploit this by submitting a print job with an invalid UTF-8 username to cause a crash and subsequent denial of service CVE-2017-18248...

5.3CVSS5.9AI score0.02255EPSS
Exploits1References3
CNVD
CNVD
added 2018/05/08 12:0 a.m.3 views

ncurses denial of service vulnerability (CNVD-2018-09192)

ncurses is a character terminal processing library , it can provide a series of functions for the user to call and generate text-based user interface . A security vulnerability exists in the 'ncparseentry' function in the tinfo/parseentry.c file in versions of ncurses prior to 6.1.20180414. A...

6.8AI score
Exploits0References1
Rows per page
Query Builder