26 matches found
K000160903: iControl REST vulnerability CVE-2026-42058
Security Advisory Description An authenticated attacker's undisclosed requests to BIG-IP iControl REST can lead to an information leak of BIG-IP local user account names. CVE-2026-42058 Impact This vulnerability allows for a remote authenticated attacker with network access to the iControl REST...
EUVD-2017-16508
Malware in sbrugna...
EUVD-2019-7734
Malware in sbrugna...
EUVD-2018-1802
Malware in sbrugna...
EUVD-2017-11807
Malware in sbrugna...
EUVD-2022-44937
Malicious code in bioql PyPI...
EUVD-2025-21047
Malicious code in bioql PyPI...
CVE-2025-53625
The DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details. Several dpl parameters can leak usernames that have been hidden using revision deletion, suppression, or the hideuser block flag. The vulnerability is fix...
CVE-2025-53625 DynamicPageList3 exposes hidden/suppressed usernames
The DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details. Several dpl parameters can leak usernames that have been hidden using revision deletion, suppression, or the hideuser block flag. The vulnerability is fix...
CVE-2025-53625 DynamicPageList3 exposes hidden/suppressed usernames
The DynamicPageList3 extension is a reporting tool for MediaWiki, listing category members and intersections with various formats and details. Several dpl parameters can leak usernames that have been hidden using revision deletion, suppression, or the hideuser block flag. The vulnerability is fix...
CVE-2022-22908
SangforCSClient.exe in Sangfor VDI Client 5.4.2.1006 allows attackers, when they are able to read process memory, to discover the contents of the Username and Password fields...
CVE-2019-17321
ClipSoft REXPERT 1.0.0.527 and earlier version have an information disclosure issue. When requesting web page associated with session, could leak username via session file path of HTTP response data. No authentication is required...
CVE-2006-6974
Headstart Solutions DeskPRO stores sensitive information under the web root with insufficient access control, which allows remote attackers to 1 list files in the includes/ directory; obtain the SQL username and password via a direct request for 2 config.php and 3 config.php.bak in includes/; rea...
CVE-2002-1970
SnortCenter 0.9.5, when configured to push Snort rules, stores the rules in a temporary file with world-readable and world-writable permissions, which allows local users to obtain usernames and passwords for the alert database servers...
CVE-2024-51477
IBM InfoSphere Information Server 11.7 could allow an authenticated to obtain sensitive username information due to an observable response discrepancy...
CVE-2022-41766
An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Upon an action=rollback operation, the alreadyrolled message can leak a user name when the user has been revision deleted/suppressed...
UBUNTU-CVE-2022-41766
An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Upon an action=rollback operation, the alreadyrolled message can leak a user name when the user has been revision deleted/suppressed...
CVE-2017-2659
It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid. When an invalid username is given, the GSSAPI authentication failure was incorrectly counted towards the maximum allowed number of password attempts...
Barracuda WAF V360 Firmware 8.0.1.014 Username / Session ID Leak Vulnerability
The Barracuda WAF management application transmits the current user and session identifier over HTTP GET. Firmware version 8.0.1.014 is affected. Title: Barracuda WAF Management Application Username and Session ID Leak 1. Vulnerability Details Affected Vendor: Barracuda Affected Product: Web...
Barracuda WAF V360 Firmware 8.0.1.014 Username / Session ID Leak
KL-001-2017-013 : Barracuda WAF Management Application Username and Session ID Leak Title: Barracuda WAF Management Application Username and Session ID Leak Advisory ID: KL-001-2017-013 Publication Date: 2017.07.06 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-013.tx...