SUSE CVE-2022-39307

Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the /api/user/password/sent-reset-email URL. When the username or email does not exist, a JSON response contains a “user not found” message. This leaks...

EUVD-2025-201311

Kalmia CMS version 0.2.0 contains a user enumeration vulnerability in its authentication mechanism. The application returns different error messages for invalid users usernotfound versus valid users with incorrect passwords invalidpassword. This observable response discrepancy allows...

CVE-2025-65899

Kalmia CMS version 0.2.0 contains a user enumeration vulnerability in its authentication mechanism. The application returns different error messages for invalid users usernotfound versus valid users with incorrect passwords invalidpassword. This observable response discrepancy allows...

CVE-2025-65899

Kalmia CMS version 0.2.0 contains a user enumeration vulnerability in its authentication mechanism. The application returns different error messages for invalid users usernotfound versus valid users with incorrect passwords invalidpassword. This observable response discrepancy allows...

LDAP authentication fails with error "user <username> not found" if using UPN to login Gateway

LDAP authentication fails if using UPN userPrincipalName to login Gateway. When running /tmp/aaad.debug log on NetScaler, the following error "user @domainname.com not found" is printed in logs. /usr/home/build/adc/usr.src/netscaler/aaad/ldapdrv.c528: receiveldapusersearchevent 0-2: ldapfirstentr...

Error "Try again after some time or contact your help desk" after authentication passed

After inputting your username and password to "https://x.x.x.x/manageotp" page, you are encountering an error message that says, "Try again after some time or contact your help desk " "Rejecting with error code 4009 “， ”receiveldapusersearchevent:ldapfirstentryreturned null, user XXX not found “...

UBUNTU-CVE-2022-39307

Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the /api/user/password/sent-reset-email URL. When the username or email does not exist, a JSON response contains a “user not found” message. This leaks...

Grafana -- Username enumeration

Grafana Labs reports: When using the forget password on the login page, a POST request is made to the /api/user/password/sent-reset-email URL. When the username or email does not exist, a JSON response contains a “user not found” message. The CVSS score for this vulnerability is 5.3 Moderate...

REST API for Add user to group returns error 400 instead of 404 when the user does not exist

h3. Issue Summary REST API for Add user to group returns error 400 instead of 404 when the user does not exist. According to the documentation of JIRA 8.5.3|https://docs.atlassian.com/software/jira/docs/api/REST/8.5.3/api/2/group-addUserToGroup when the user or group does not exist, an error 404...

[DLA-0021-1] fail2ban security update

Package : fail2ban Version : 0.8.4-3+squeeze3 CVE ID : CVE-2013-7176 CVE-2013-7177 Use anchored failregex for filters to avoid possible DoS. Manually picked up from the current status of 0.8 branch as of 0.8.13-29-g09b2016: - CVE-2013-7176: postfix.conf - anchored on the front, expects...