12 matches found
EUVD-2018-11725
Malware in sbrugna...
PT-2025-39669
Name of the Vulnerable Software and Affected Versions Aranda PassRecovery version 1.0 Description An issue allows attackers to enumerate valid user accounts in Active Directory. This is achieved by sending a crafted POST request to the /user/existdirectory/1 API endpoint. The POST request allows...
CVE-2024-48644
Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera Firmware Version v3.0.0.188923031701 allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts and potentially facilitate other attacks, such...
CVE-2024-48644
Accounts enumeration vulnerability in the Login Component of Reolink Duo 2 WiFi Camera Firmware Version v3.0.0.188923031701 allows remote attackers to determine valid user accounts via login attempts. This can lead to the enumeration of user accounts and potentially facilitate other attacks, such...
CVE-2024-41733
In SAP Commerce, valid user accounts can be identified during the customer registration and login processes. This allows a potential attacker to learn if a given e-mail is used for an account, but does not grant access to any customer data beyond this knowledge. The attacker must already know the...
CVE-2021-44524
A vulnerability has been identified in SiPass integrated V2.76 All versions, SiPass integrated V2.80 All versions, SiPass integrated V2.85 All versions, Siveillance Identity V1.5 All versions, Siveillance Identity V1.6 All versions V1.6.284.0. Affected applications insufficiently limit the access...
CVE-2015-7259
ZTE ADSL ZXV10 W300 modems W300V2.1.0fER7PEO57 and W300V2.1.0hER7PEO57 allow user accounts to have multiple valid username and password pairs, which allows remote authenticated users to login to a target account via any of its username and password pairs...
User Enumeration Vulnerability in Journalx 2.0, a Remote Processing System for Journal Manuscripts
Journalx 2.0 is a remote processing platform for journal manuscripts developed independently by Beijing Magtech. A user enumeration vulnerability exists in Journalx 2.0. An attacker can exploit the vulnerability to obtain valid user accounts, resulting in an exhaustive attack...
Puppet Enterprise User Enumeration Vulnerability
Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the U.S. It can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is an enterprise version. A user enumeration vulnerability exis...
Cloudera Manager User Enumeration Vulnerability
Cloudera Manager is a set of Hadoop data management software from Cloudera, USA. The software supports the creation of clusters, authentication, data backup and recovery and so on. A user enumeration vulnerability exists in Cloudera Manager. An attacker can exploit the vulnerability to obtain val...
CVE-2001-1280
POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid user names, which allows remote attackers to determine users on the system...
Solaris 2.67.0 - IN.FTPD CWD Username Enumeration
Solaris 2.67.0 - IN.FTPD CWD Username Enumeration source: https://www.securityfocus.com/bid/2564/info Solaris is the variant of the UNIX Operating System distributed by Sun Microsystems. Solaris is a versatile operating system designed for use with machines as small as desktop systems and as larg...