Lucene search
K

17 matches found

OSV
OSV
added 2026/06/09 8:29 p.m.10 views

MAL-2026-5471 Malicious code in getd-ui-library (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fcdbf66757b102ed524f01c498adae819b02968aa455f57316f4e08af1fb9ea0 On npm install, postinstall.js runs unconditionally scripts.postinstall = 'node postinstall.js' and sends an HTTPS GET to a hardcoded webhook.site UR...

5.5AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:18 p.m.5 views

CVE-2020-20472

White Shark System WSS 1.3.2 has a sensitive information disclosure vulnerability. The ifgetaddbook.php file does not have an authentication operation. Remote attackers can obtain username information for all users of the current site...

5.3CVSS6.7AI score0.0145EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2025/03/28 11:51 p.m.8 views

CVE-2024-51477 IBM InfoSphere Information Server information disclosure

IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy...

4.3CVSS6.1AI score0.00281EPSS
Exploits0References1
CNVD
CNVD
added 2025/02/17 12:0 a.m.7 views

IBM Aspera Faspex Information Disclosure Vulnerability (CNVD-2025-06209)

IBM Aspera Faspex is an International Business Machines IBM solution for rapid global person-to-person document delivery and collaboration. An information disclosure vulnerability exists in IBM Aspera Faspex that stems from an observable response discrepancy that could be exploited by an attacker...

5.3CVSS5.9AI score0.0029EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/29 4:36 p.m.10 views

CVE-2023-37413 IBM Aspera Faspex information disclosure

IBM Aspera Faspex 5.0.0 through 5.0.10 could disclose sensitive username information due to an observable response discrepancy...

5.3CVSS5.1AI score0.0029EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2022/05/13 1:12 a.m.26 views

Moodle allows attackers to obtain username and course information

Moodle through 2.3.11, 2.4.x before 2.4.11, 2.5.x before 2.5.7, 2.6.x before 2.6.4, and 2.7.x before 2.7.1 does not enforce certain capability requirements in 1 notes/index.php and 2 user/edit.php, which allows remote attackers to obtain potentially sensitive username and course information via a...

5CVSS6.2AI score0.014EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2021/06/21 5:15 a.m.13 views

CVE-2020-20472

White Shark System WSS 1.3.2 has a sensitive information disclosure vulnerability. The ifgetaddbook.php file does not have an authentication operation. Remote attackers can obtain username information for all users of the current site...

5.3CVSS0.0145EPSS
Exploits1References1
Prion
Prion
added 2021/06/21 5:15 a.m.8 views

Information disclosure

White Shark System WSS 1.3.2 has a sensitive information disclosure vulnerability. The ifgetaddbook.php file does not have an authentication operation. Remote attackers can obtain username information for all users of the current site...

5CVSS5.4AI score0.0145EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/06/21 4:5 a.m.71 views

CVE-2020-20472

CVE-2020-20472 affects White Shark System (WSS) 1.3.2. The vulnerability is in if_get_addbook.php, which operates without authentication, allowing remote attackers to obtain username information for all users on the current site. The condition arises from lack of access control on that endpoint (...

5.3CVSS5.3AI score0.0145EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2021/04/12 12:0 a.m.5 views

Unauthorized Access Vulnerability in Manto Networks ezEIP

ezEIP is a website management system of Wando Network Technology Co. An unauthorized access vulnerability exists in Wando Networks ezEIP, which can be exploited by an attacker to obtain username information...

6.9AI score
Exploits0
UbuntuCve
UbuntuCve
added 2016/04/12 3:59 p.m.20 views

CVE-2016-3170

The "have you forgotten your password" links in the User module in Drupal 7.x before 7.43 and 8.x before 8.0.4 allow remote attackers to obtain sensitive username information by leveraging a configuration that permits using an email address to login and a module that permits logging in...

5.3CVSS6.5AI score0.0215EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2016/04/12 3:0 p.m.30 views

CVE-2016-3170

Removed by vendor...

5.3CVSS5.8AI score0.0215EPSS
Exploits0
NVD
NVD
added 2016/02/13 2:59 a.m.19 views

CVE-2016-0864

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to obtain sensitive report and username information via unspecified vectors...

5.3CVSS6AI score0.01176EPSS
Exploits0References1
Prion
Prion
added 2016/02/13 2:59 a.m.14 views

Information disclosure

Tollgrade SmartGrid LightHouse Sensor Management System SMS Software EMS before 5.1, and 4.1.0 Build 16, allows remote attackers to obtain sensitive report and username information via unspecified vectors...

5CVSS6.8AI score0.01176EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2009/07/18 12:0 a.m.124 views

WordPress Multiple Vulnerabilities (Jul 2009)

WordPress is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescripti...

5CVSS7.3AI score0.85EPSS
Exploits18References5
OpenVAS
OpenVAS
added 2009/07/18 12:0 a.m.95 views

WordPress / WordPress MU Multiple Vulnerabilities (Jul 2009)

WordPress / WordPress MU is prone to multiple vulnerabilities SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.5AI score0.85EPSS
Exploits18References5
OpenVAS
OpenVAS
added 2008/01/17 12:0 a.m.12 views

Debian: Security Advisory (DSA-1056-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS6.8AI score0.01655EPSS
Exploits0References3
Rows per page
Query Builder