10 matches found
EUVD-2006-2248
Malware in sbrugna...
EUVD-2024-54359
Malicious code in bioql PyPI...
CVE-2025-57770 ZITADEL user enumeration vulnerability in login UI
The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. Versions 4.0.0 to 4.0.2, 3.0.0 to 3.3.6, and all versions prior to 2.71.15 are vulnerable to a username enumeration issue in the login interface. The login UI includes a security...
CVE-2025-52576
Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard is vulnerable to username enumeration and IP spoofing-based brute-force protection bypass. By analyzing login behavior and abusing trusted HTTP headers, an attacker can determine vali...
CVE-2024-33856
An issue was discovered in Logpoint before 7.4.0. An attacker can enumerate a valid list of usernames by observing the response time at the Forgot Password endpoint...
CVE-2024-30176
In Logpoint before 7.4.0, an attacker can enumerate a valid list of usernames by using publicly exposed URLs of shared widgets...
CVE-2020-35398
An issue was discovered in UTI Mutual fund Android application 5.4.18 and prior, allows attackers to brute force enumeration of usernames determined by the error message returned after invalid credentials are attempted...
PT-2024-20548
Name of the Vulnerable Software and Affected Versions vantage6 affected versions not specified Description The issue allows attackers to determine which usernames exist in vantage6 by calling the API routes "/recover/lost" and "/2fa/lost", which send emails to users if they have lost their passwo...
PT-2023-22703 · Unknown · Medicine Tracker System
Name of the Vulnerable Software and Affected Versions: Medicine Tracker System version 1.0 Description: A username enumeration issue was discovered in the login functionality, allowing a malicious user to guess a valid username due to a different response time from invalid usernames. When a valid...
SUSE-SU-2018:3768-1 Security update for openssh-openssl1
This update for openssh-openssl1 fixes the following issues: Security issues fixed: - CVE-2018-15919: Remotely observable behaviour in auth-gss2.c in OpenSSH could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. OpenSSH developers do not want to...