CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

NVD•added 2025/10/14 1:15 a.m.•5 views

CVE-2025-42903

A vulnerability in SAP Financial Service Claims Management RFC function ICLUSERGETNAMEANDADDRESS allows user enumeration and potential disclosure of personal data through response discrepancies, causing low impact on confidentiality with no impact on integrity or availability...

4.3CVSS0.00038EPSS

Exploits0References2

EUVD•added 2025/10/14 12:17 a.m.•3 views

EUVD-2025-34124

4.3CVSS6.1AI score0.00038EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-23822

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.00307EPSS

Exploits0References1

Vulnrichment•added 2025/07/21 8:53 p.m.•2 views

CVE-2025-54129 HAXiam allows for User Enumeration

HAXiam is a packaging wrapper for HAXcms which allows anyone to spawn their own microsite management platform. In versions 11.0.4 and below, the application returns a 200 response when requesting the data of a valid user and a 404 response when requesting the data of an invalid user. This can be...

4.3CVSS6.8AI score0.00224EPSS

Exploits1References1

CVE•added 2025/06/11 2:20 p.m.•54 views

CVE-2025-0163

CVE-2025-0163 affects IBM Security Verify Access Appliance and Docker versions 10.0–10.0.8. The vulnerability allows remote attackers to enumerate usernames due to an observable response discrepancy for disabled accounts. IBM’s bulletin confirms a fix path: update IBM Security Verify Access to 10...

5.3CVSS6.8AI score0.00204EPSS

Exploits0References1Affected Software2

RedhatCVE•added 2025/05/23 5:12 a.m.•7 views

CVE-2023-23449

Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface...

5.3CVSS6.1AI score0.00377EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 3:31 a.m.•4 views

CVE-2023-27283

IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to observable response discrepancies. IBM X-Force ID: 248545...

5.3CVSS6.5AI score0.00052EPSS

Exploits0References1

NVD•added 2024/05/04 2:16 p.m.•8 views

CVE-2023-27283

IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to observable response discrepancies. IBM X-Force ID: 248545...

5.3CVSS5.1AI score0.00052EPSS

Exploits0References2

CVE•added 2024/05/04 1:16 p.m.•52 views

CVE-2023-27283

Affected product: IBM Aspera Orchestrator 4.0.1. The issue allows a remote attacker to enumerate usernames due to observable response discrepancies during authentication, as documented in multiple sources (e.g., CNVD, Red Hat advisory, IBM X-Force references). Root cause and exact impact: observa...

5.3CVSS6.4AI score0.00052EPSS

Exploits0References2Affected Software1

Cvelist•added 2024/05/04 1:16 p.m.•15 views

CVE-2023-27283 IBM Aspera Orchestrator information disclosure

IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to observable response discrepancies. IBM X-Force ID: 248545...

5.3CVSS5.3AI score0.00052EPSS

Exploits0References2

ATTACKERKB•added 2024/02/21 4:15 p.m.•2 views

CVE-2022-45177

An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response Discrepancy can occur under the /api/v1/vdeskintegration/user/isenableuser endpoint, the /api/v1/sharedsearch?search=NAME+SURNAME endpoint, and the /login endpoint. The web application provides different...

7.5CVSS5.8AI score0.00102EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by