Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

10 matches found

CNVD
CNVDadded 2020/08/10 12:0 a.m.1 views

JetBrains Upsource Information Disclosure Vulnerability

JetBrains Upsource is a set of code review tools from the Czech company JetBrains. A security vulnerability exists in JetBrains Upsource versions prior to 2020.1 that stems from an incorrect user matching algorithm. An attacker could exploit the vulnerability to obtain information...

7.5CVSS6.9AI score0.00003EPSS
Exploits0References1
OSV
OSVadded 2020/08/08 9:15 p.m.0 views

CVE-2019-19704

In JetBrains Upsource before 2020.1, information disclosure is possible because of an incorrect user matching algorithm...

7.5CVSS7.1AI score
Exploits0References2
NVD
NVDadded 2020/08/08 9:15 p.m.15 views

CVE-2019-19704

In JetBrains Upsource before 2020.1, information disclosure is possible because of an incorrect user matching algorithm...

7.5CVSS7.6AI score0.00003EPSS
Exploits0References2
Prion
Prionadded 2020/08/08 9:15 p.m.16 views

Information disclosure

In JetBrains Upsource before 2020.1, information disclosure is possible because of an incorrect user matching algorithm...

5CVSS7.3AI score0.00003EPSS
Exploits0References2Affected Software1
CVE
CVEadded 2020/08/08 8:52 p.m.64 views

CVE-2019-19704

CVE-2019-19704 affects JetBrains Upsource prior to 2020.1, where an incorrect user matching algorithm could lead to information disclosure. The Red Hat/CNVD/NVD entries corroborate that Upsource before 2020.1 is vulnerable due to this issue. The Red Hat entry and CNVD descriptions consistently st...

7.5CVSS7.2AI score0.00003EPSS
Exploits0References2Affected Software1
UbuntuCve
UbuntuCveadded 2016/12/11 2:59 a.m.19 views

CVE-2016-9850

An issue was discovered in phpMyAdmin. Username matching for the allow/deny rules may result in wrong matches and detection of the username in the rule due to non-constant execution time. All 4.6.x versions prior to 4.6.5, 4.4.x versions prior to 4.4.15.9, and 4.0.x versions prior to 4.0.10.18 ar...

5.3CVSS7AI score0.00565EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2005/10/05 9:2 p.m.18 views

CVE-2005-3139

Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set...

5CVSS5.9AI score0.00593EPSS
Exploits0References1
NVD
NVDadded 2005/10/05 9:2 p.m.12 views

CVE-2005-3139

Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set...

5CVSS6.5AI score0.00593EPSS
Exploits0References5
Cvelist
Cvelistadded 2005/10/05 4:0 a.m.15 views

CVE-2005-3139

Bugzilla 2.19.1 through 2.20rc2 and 2.21, with user matching turned on in substring mode, allows attackers to list all users whose names match an arbitrary substring, even when the usevisibilitygroups parameter is set...

6.5AI score0.00593EPSS
Exploits0References5
CVE
CVEadded 2005/10/05 4:0 a.m.41 views

CVE-2005-3139

CVE-2005-3139 affects Bugzilla 2.19.1 through 2.20rc2 and 2.21. When user matching is enabled in substring mode, it can disclose usernames that match an arbitrary substring, even with useVisibilityGroups set. Root cause is substring-based user search bypassing visibility controls, leading to part...

5CVSS6.6AI score0.00593EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder