CWE:
 

Tytuł
Data
Autor
Low
Zepp 6.1.4-play User Account Enumeration
01.05.2022
Karima Hebbal
Low
Vivellio 1.2.1 User Account Enumeration
03.02.2022
Karima Hebbal


Common Weakness Enumeration (CWE)

CVE
Szczegóły
Opis
2024-09-26
Waiting for details
CVE-2024-41715

Updating...
 

 
The goTenna Pro ATAK Plugin has a payload length vulnerability that makes it possible to tell the length of the payload regardless of the encryption used.

 
Waiting for details
CVE-2024-47129

Updating...
 

 
The goTenna Pro has a payload length vulnerability that makes it possible to tell the length of the payload regardless of the encryption used.

 
2024-09-10
Waiting for details
CVE-2023-49069

Updating...
 

 
A vulnerability has been identified in Mendix Runtime V10 (All versions < V10.14.0 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.12 (All versions < V10.12.2 only if the basic authentication mechanism is used by the application), Mendix Runtime V10.6 (All versions < V10.6.12 only if the basic authentication mechanism is used by the application), Mendix Runtime V8 (All versions only if the basic authentication mechanism is used by the application), Mendix Runtime V9 (All versions < V9.24.26 only if the basic authentication mechanism is used by the application). The authentication mechanism of affected applications contains an observable response discrepancy vulnerability when validating usernames. This could allow unauthenticated remote attackers to distinguish between valid and invalid usernames.

 
2024-09-08
Waiting for details
CVE-2024-42343

Updating...
 

 
Loway - CWE-204: Observable Response Discrepancy

 
2024-07-30
Waiting for details
CVE-2024-38431

Updating...
 

 
Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy

 
2024-07-10
Waiting for details
CVE-2023-33859

Updating...
 

 
IBM Security QRadar EDR 3.12 could disclose sensitive information due to an observable login response discrepancy. IBM X-Force ID: 257697.

 
2024-06-28
Waiting for details
CVE-2024-38322

Updating...
 

 
IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 agent username and password error response discrepancy exposes product to brute force enumeration. IBM X-Force ID: 294869.

 
2024-06-17
Waiting for details
CVE-2024-6056

Updating...
 

 
A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /forgot-password of the component Password Reset Handler. The manipulation of the argument Email leads to observable response discrepancy. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-268784. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

 
2024-06-15
Waiting for details
CVE-2024-31870

Updating...
 

 
IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user enumeration by a local authenticated attacker, without having authority to the related *USRPRF objects. This can be used by a malicious actor to gather information about users that can be targeted in further attacks. IBM X-Force ID: 287174.

 
2024-05-04
Waiting for details
CVE-2023-27283

Updating...
 

 
IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to observable response discrepancies. IBM X-Force ID: 248545.

 

 


Copyright 2024, cxsecurity.com

 

Back to Top