CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

95 matches found

EUVD•added 2026/03/16 7:18 p.m.•1 views

EUVD-2026-12498

Chamilo LMS is a learning management system. Prior to version 1.11.36, Chamilo is vulnerable to user enumeration with valid/invalid username. This issue has been patched in version 1.11.36...

6.3CVSS5.7AI score0.00043EPSS

Exploits0References2

CVE•added 2026/02/19 12:0 a.m.•5 views

CVE-2026-26744

FormaLMS 4.1.18 and earlier is affected by a user-enumeration flaw in the password-recovery endpoint (/lostpwd). The app returns different error messages for valid versus invalid usernames, enabling unauthenticated attackers to determine registered usernames via observable responses. The descript...

5.3CVSS5.5AI score0.00043EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2026/01/09 12:41 p.m.•5 views

CVE-2023-25192

AMI MegaRAC SPX devices allow User Enumeration through Redfish. The fixed versions are SPx12-update-7.00 and SPx13-update-5.00...

5.3CVSS7AI score0.00363EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:36 p.m.•6 views

CVE-2023-49274

Umbraco is an ASP.NET content management system CMS. Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, a user enumeration attack is possible when SMTP is not set up correctly, but reset password is enabled. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this...

5.3CVSS6.9AI score0.00368EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:31 p.m.•6 views

CVE-2023-40765

User enumeration is found in PHPJabbers Event Booking Calendar v4.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

9.8CVSS7AI score0.00134EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:30 p.m.•7 views

CVE-2023-40761

User enumeration is found in PHPJabbers Yacht Listing Script v2.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

9.8CVSS7AI score0.00123EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:29 p.m.•7 views

CVE-2023-40757

User enumeration is found in PHPJabbers Food Delivery Script v3.1. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

9.8CVSS7AI score0.00123EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:48 a.m.•6 views

CVE-2020-24008

Umanni RH 1.0 has a user enumeration vulnerability. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users...

5.3CVSS7AI score0.00198EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-7386

Malware in sbrugna...

5.3CVSS5.5AI score0.00376EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-27521

Malware in sbrugna...

4.3CVSS5.1AI score0.00197EPSS

Exploits0References3