Lucene search
+L

222 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:35 a.m.6 views

CVE-2024-13198

A vulnerability classified as problematic has been found in langhsu Mblog Blog System 3.5.0. Affected is an unknown function of the file /login. The manipulation leads to observable response discrepancy. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...

6.3CVSS6.7AI score0.00668EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:39 a.m.3 views

CVE-2023-26071

An issue was discovered in MCUBO ICT through 10.12.4 aka 6.0.2. An Observable Response Discrepancy can occur under the login web page. In particular, the web application provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor. Th...

7.5CVSS6.7AI score0.0065EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:16 a.m.4 views

CVE-2023-27464

A vulnerability has been identified in Mendix Forgot Password Mendix 7 compatible All versions V3.7.1, Mendix Forgot Password Mendix 8 compatible All versions V4.1.1, Mendix Forgot Password Mendix 9 compatible All versions V5.1.1. The affected versions of the module contain an observable response...

5.3CVSS6.8AI score0.00458EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:59 a.m.5 views

CVE-2023-1540

Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6...

5.3CVSS6.7AI score0.00639EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:21 a.m.9 views

CVE-2023-38362

IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to observable discrepancy in HTTP responses. IBM X-Force ID: 260814...

5.3CVSS6AI score0.0047EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 12:51 a.m.10 views

CVE-2022-45177

An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response Discrepancy can occur under the /api/v1/vdeskintegration/user/isenableuser endpoint, the /api/v1/sharedsearch?search=NAME+SURNAME endpoint, and the /login endpoint. The web application provides different...

7.5CVSS6.6AI score0.00539EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:21 p.m.9 views

CVE-2020-26526

An issue was discovered in Damstra Smart Asset 2020.7. It is possible to enumerate valid usernames on the login page. The application sends a different server response when the username is invalid than when the username is valid "Unable to find an APIDomain" versus "Wrong email or password"...

5.3CVSS6.8AI score0.01467EPSS
Exploits0
NVD
NVD
added 2025/05/22 1:15 p.m.16 views

CVE-2025-3939

Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: befo...

5.3CVSS0.00261EPSS
Exploits0References2
OSV
OSV
added 2025/05/22 1:15 p.m.6 views

CVE-2025-3939

Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: befo...

5.3CVSS5.8AI score0.00261EPSS
Exploits0References2
CVE
CVE
added 2025/05/22 12:33 p.m.59 views

CVE-2025-3939

CVE-2025-3939 describes an observable response discrepancy in Tridium Niagara Framework and Tridium Niagara Enterprise Security that could enable cryptanalysis. Affected software and versions include Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: bef...

5.3CVSS5.3AI score0.00261EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2025/05/22 12:33 p.m.25 views

CVE-2025-3939 Observable Response Discrepancy

Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: befo...

5.3CVSS0.00261EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/22 12:33 p.m.9 views

CVE-2025-3939 Observable Response Discrepancy

Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: befo...

5.3CVSS5.3AI score0.00261EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/03/31 12:33 a.m.20 views

CVE-2024-51477

IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy...

4.3CVSS6.3AI score0.00281EPSS
Exploits0References1
OSV
OSV
added 2025/02/12 2:15 p.m.8 views

CVE-2025-1101

A CWE-204 "Observable Response Discrepancy" in the login page in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to enumerate valid usernames via crafted HTTP requests...

5.3CVSS5.8AI score0.00709EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/12 1:26 p.m.6 views

CVE-2025-1101

A CWE-204 "Observable Response Discrepancy" in the login page in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to enumerate valid usernames via crafted HTTP requests...

5.3CVSS5.4AI score0.00709EPSS
Exploits0References1
CVE
CVE
added 2025/02/12 1:26 p.m.65 views

CVE-2025-1101

CVE-2025-1101 affects Q-Free MaxTime <= 2.11.0. A CWE-204 vulnerability in the login page allows an unauthenticated remote attacker to enumerate valid usernames via crafted HTTP requests. The issue is triggered by an observable response discrepancy in the authentication flow, enabling user enu...

5.3CVSS5.4AI score0.00709EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/02/12 1:26 p.m.14 views

CVE-2025-1101

A CWE-204 "Observable Response Discrepancy" in the login page in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to enumerate valid usernames via crafted HTTP requests...

5.3CVSS0.00709EPSS
Exploits0References1
NVD
NVD
added 2025/01/29 5:15 p.m.23 views

CVE-2023-37413

IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an observable response discrepancy...

5.3CVSS0.0029EPSS
Exploits0References1
OSV
OSV
added 2025/01/29 5:15 p.m.4 views

CVE-2023-37413

IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an observable response discrepancy...

5.3CVSS5.7AI score0.0029EPSS
Exploits0References1
CVE
CVE
added 2025/01/29 4:36 p.m.73 views

CVE-2023-37413

IBM Aspera Faspex ≤ 5.0.10 is affected by an information-disclosure vulnerability (CVE-2023-37413) caused by an observable response discrepancy that could reveal sensitive username information. Affected product/versions: IBM Aspera Faspex 5.0.0 through 5.0.10. Remediation: upgrade to IBM Aspera F...

5.3CVSS5.1AI score0.0029EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder