10 matches found
CVE-2025-43743
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.5, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allows any authenticated remote user to view other calendars by...
CVE-2025-3092
An unauthenticated remote attacker can enumerate valid user names from an unprotected endpoint...
Moodle 安全漏洞
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle. An attacker exploited the vulnerability to enumerate the names of other users via the...
PwnDoc 授权问题漏洞
PwnDoc is a software application. Penetration test report generator. A security vulnerability exists in PwnDoc version 0.5.3, which stems from a vulnerability that could allow a remote attacker to identify valid user account names by exploiting the response time of authentication attempts...
Atlassian JIRA Server 安全漏洞
Atlassian JIRA Server and Atlassian JIRA Data Center are both products of Atlassian Australia.Atlassian JIRA Server is a server version of a defect tracking management system. Atlassian JIRA Data Center is the data center version of Atlassian JIRA. Atlassian Jira Server and Jira Data Center have ...
NiceHash Miner Information Disclosure Vulnerability
NiceHash Miner is a mining software for Bitcoin. A security vulnerability exists in NiceHash Miner versions prior to 2.0.3.0. An attacker could exploit the vulnerability to enumerate user names...
JetBrains Hub Information Disclosure Vulnerability (CNVD-2019-40586)
JetBrains Hub is a web-based application from the Czech company JetBrains. The program is capable of integrating multiple JetBrains team tools together. A security vulnerability exists in versions prior to JetBrains Hub 2019.1.11738. An attacker could exploit the vulnerability to enumerate user...
tomcat: timing attack in Realm implementation
The Realm implementations did not process the supplied password if the supplied user name did not exist. This made a timing attack possible to determine valid user names. Note that the default configuration includes the LockOutRealm which makes exploitation of this vulnerability harder...
OpenSSHd 7.2p2 - Username Enumeration (2)
Exploit for linux platform in category remote exploits !/usr/bin/python CVEs: CVE-2016-6210 Credits for this go to Eddie Harari Author: 0o -- nullnull nu11.nu11 at yahoo.com Oh, and it is n-u-one-one.n-u-one-one, no l's... Wonder how the guys at packet storm could get this wrong : Date: 2016-07-1...
PT-2014-5440 · Cloudbees +1 · Jenkins
Name of the Vulnerable Software and Affected Versions: Jenkins versions prior to 1.583 Jenkins LTS versions prior to 1.565.3 Description: The issue allows remote attackers to enumerate user names via vectors related to login attempts. Recommendations: For Jenkins versions prior to 1.583, update t...