CVE-2019-18865

Information disclosure via error message discrepancies in authentication functions in Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to enumerate valid usernames...

CVE-2021-47664

Due to improper authentication mechanism an unauthenticated remote attacker can enumerate valid usernames...

CVE-2024-56476 IBM TXSeries for Multiplatforms information disclosure

IBM TXSeries for Multiplatforms 9.1 and 11.1 could allow an attacker to enumerate usernames due to an observable login attempt response discrepancy...

CVE-2024-35114

CVE-2024-35114 affects IBM Control Center versions 6.2.1 and 6.3.1. The vulnerability, described as CWE-204 (Observable Response Discrepancy), could allow a remote attacker to enumerate usernames due to observable differences in login attempts. The IBM Security Bulletin (IBM Sterling Control Cent...

CVE-2009-0041

IAX2 in Asterisk Open Source 1.2.x before 1.2.31, 1.4.x before 1.4.23-rc4, and 1.6.x before 1.6.0.3-rc2; Business Edition A.x.x, B.x.x before B.2.5.7, C.1.x.x before C.1.10.4, and C.2.x.x before C.2.1.2.1; and s800i 1.2.x before 1.3.0 responds differently to a failed login attempt depending on...

CVE-2008-3903

Asterisk Open Source 1.2.x before 1.2.32, 1.4.x before 1.4.24.1, and 1.6.0.x before 1.6.0.8; Asterisk Business Edition A.x.x, B.x.x before B.2.5.8, C.1.x.x before C.1.10.5, and C.2.x.x before C.2.3.3; s800i 1.3.x before 1.3.0.2; and Trixbox PBX 2.6.1, when Digest authentication and authalwaysreje...

CVE-2001-1068

qpopper 4.01 with PAM based authentication on Red Hat systems generates different error messages when an invalid username is provided instead of a valid name, which allows remote attackers to determine valid usernames on the system...