Lucene search
K

4 matches found

OSV
OSV
added 2026/04/09 2:37 p.m.1 views

BIT-PARSE-2026-39321 Parse Server has a login timing side-channel reveals user existence

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.8.0 and 8.6.74, he login endpoint response time differs measurably depending on whether the submitted username or email exists in the database. When a user is not found, the server...

6.3CVSS5.8AI score0.0023EPSS
Exploits0References4
NVD
NVD
added 2026/04/01 4:23 p.m.7 views

CVE-2025-67807

The login mechanism of Sage DPW 202506004 displays distinct responses for valid and invalid usernames, allowing enumeration of existing accounts in versions before 202106000. On-premise administrators can toggle this behaviour in newer versions...

4.7CVSS0.00142EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/11 12:0 a.m.2 views

Qnap QTS and QuTS hero Buffer Copy without Checking Size of Input (CVE-2024-37047)

A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to execute code. We have already fixed the vulnerability in the followin...

6.5CVSS5.9AI score0.00803EPSS
Exploits0References2
OSV
OSV
added 2024/11/22 4:15 p.m.4 views

CVE-2024-37048

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

4.9CVSS5.8AI score0.00609EPSS
Exploits0References1
Rows per page
Query Builder