5 matches found
VulnCheck KEV: CVE-2025-56132
LiquidFiles file transfer server is vulnerable to a user enumeration issue in its password reset functionality. The application returns distinguishable responses for valid and invalid email addresses, allowing unauthenticated attackers to determine the existence of user accounts. Version 4.2...
CVE-2025-56132
LiquidFiles pre-4.2 is affected by a user-enumeration vulnerability in the password reset flow. Distinguishable responses to valid vs. invalid emails allow unauthenticated attackers to enumerate registered users. Upgrading to 4.2+ remedies this with user-based lockout and less informative errors;...
Fides has a Lack of Brute-Force Protections on Authentication Endpoints
Summary: The Fides Admin UI login endpoint relies on a general IP-based rate limit for all API traffic and lacks specific anti-automation controls designed to protect against brute-force attacks. This could allow attackers to conduct credential testing attacks, such as credential stuffing or...
CVE-2022-20622
A vulnerability in IP ingress packet processing of the Cisco Embedded Wireless Controller with Catalyst Access Points Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, causing a denial of service (DoS) condition. The device may experience a...
CVE-2017-18899
An issue was discovered in Mattermost Server before 4.2.0, 4.1.1, and 4.0.5. It mishandles IP-based rate limiting...