
4 matches found

OSV
added 2025/05/28 5:38 p.m. · 2 views

GHSA-424X-CXVH-WQ9P Mautic allows user name enumeration due to response time difference on password reset form

Summary: This advisory addresses a security vulnerability in Mautic related to the "Forget your password" functionality. This vulnerability could be exploited by unauthenticated users to enumerate valid usernames. User Enumeration via Timing Attack: A user enumeration vulnerability exists in the...

5.3 CVSS · 7.2 AI score · 0.00242 EPSS
Exploits 0 · References 3
Redos
added 2024/12/11 12:00 a.m. · 9 views

ROS-20241211-10

A vulnerability in the GnuTLS transport layer cryptographic library is related to a difference in response time when processing RSA ciphertext in a ClientKeyExchange message with correct and incorrect PKCS1 padding. Exploitation of the vulnerability may allow a remote intruder to gain...

7.5 CVSS · 7.1 AI score · 0.01028 EPSS
Exploits 1
NVD
added 2024/04/10 3:16 p.m. · 9 views

CVE-2024-29296

A user enumeration vulnerability was found in Portainer CE 2.19.4. This issue occurs during the user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not...

5.3 CVSS · 6.8 AI score · 0.1294 EPSS
Exploits 2 · References 2
Positive Technologies
added 2024/04/10 12:00 a.m. · 3 views

PT-2024-5801 · Unknown +1 · Portainer Ce +1

Name of the Vulnerable Software and Affected Versions: Portainer CE version 2.19.4

Description: A user enumeration issue is present in the user authentication process, where a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not. This...

5.3 CVSS · 6.5 AI score · 0.1294 EPSS
Exploits 2 · References 9