A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.…

Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server resp…

Cloud Native Computing Foundation Harbor before 1.10.3 and 2.x before 2.0.1 allows resource enu…

A vulnerability in SonicWall SMA100 password change API allows a remote unauthenticated attacke…

A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate…

Pimcore is an open source data & experience management platform. In versions prior to 10.1.3, i…

In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that time-based attacks can be …

Kaiten 57.128.8 allows remote attackers to enumerate user accounts via a crafted POST request, …

In mymbCONNECT24, mbCONNECT24 <= 2.9.0 an unauthenticated user can enumerate valid backend user…

A Observable Response Discrepancy vulnerability in spacewalk-java of SUSE Manager Server 4.1, S…

D-Link Nuclias Connect firmware versions <= 1.3.1.4 contain an observable response discrepancy …

D-Link Nuclias Connect firmware versions <= 1.3.1.4 contain an observable response discrepancy …

A vulnerability has been found in Surya2Developer Hostel Management Service 1.0 and classified …

A remote, unauthenticated attacker can enumerate valid users by sending specific requests to th…

Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215…

Piwigo is an open source photo gallery application for the web. In version 15.5.0 and likely ea…

CasaOS-UserService provides user management functionalities to CasaOS. Starting in version 0.4.…

A vulnerability in the web-based management interface of Cisco&nbsp;ECE could allow an unauthen…

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 authentication process resp…

An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 throu…

All CODESYS Visualization versions before V4.2.0.0 generate a login dialog vulnerable to inform…

A CWE-204 "Observable Response Discrepancy" in the login page in Q-Free MaxTime less than or eq…

A vulnerability was found in nasirkhan Laravel Starter up to 11.8.0. It has been rated as probl…

Tibbo AggreGate Network Manager < 6.40.05 contains an observable response discrepancy in its lo…

Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6.

Dify is an open-source LLM app development platform. Prior to 1.9.0, responses from the Dify AP…

Go package IceWhaleTech/CasaOS-UserService provides user management functionalities to CasaOS. …

Cosmos provides users the ability self-host a home server by acting as a secure gateway to your…

NocoDB is software for building databases as spreadsheets. Prior to version 0.301.3, the passwo…

Liferay Portal 7.2.0 through 7.4.1, and older unsupported versions, and Liferay DXP 7.3 before …

Kirby is a Content Management System. Prior to versions 3.5.8.2, 3.6.6.2, 3.7.5.1, and 3.8.1, a…

Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify…

Fastapi OPA is an opensource fastapi middleware which includes auth flow. HTTP `OPTIONS` reques…

Teltonika’s Remote Management System versions prior to 4.10.0 contain a function that allows u…

userSpice 4.3.24 contains a username enumeration vulnerability that allows unauthenticated atta…

An observable response discrepancy in the Gallagher Command Centre RESTAPI allows an insuffici…

Under certain circumstances a CCURE Portal user could enumerate user accounts in CCURE 9000 ver…

Sulu is an open-source PHP content management system based on the Symfony framework. It allows …

User enumeration vulnerability in Devklan's Alma Blog that affects versions 2.1.10 and earlier.…

pimcore/admin-ui-classic-bundle provides a Backend UI for Pimcore. In affected versions an erro…