Search
Search Results (106 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2016-9499 | 1 Accellion | 1 Ftp Server | 2024-11-21 | N/A |
| Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server response if the username is invalid. An attacker may use this information to determine valid user accounts and enumerate them. | ||||
| CVE-2024-47129 | 1 Gotenna | 2 Gotenna Pro, Pro App | 2024-10-17 | 4.3 Medium |
| The goTenna Pro App does not inject extra characters into broadcasted frames to obfuscate the length of messages. This makes it possible to tell the length of the payload regardless of the encryption used. | ||||
| CVE-2024-41715 | 1 Gotenna | 1 Atak Plugin | 2024-10-17 | 4.3 Medium |
| The goTenna Pro ATAK Plugin does not inject extra characters into broadcasted frames to obfuscate the length of messages. This makes it possible to tell the length of the payload regardless of the encryption used. | ||||
| CVE-2024-8651 | 1 Netcat | 2 Netcat, Netcat Content Management System | 2024-09-23 | 5.3 Medium |
| A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that can be used to check whether a user exists in the system, which could be a basis for further attacks. This issue affects NetCat CMS v. 6.4.0.24126.2 and possibly others. Apply patch from vendor https://netcat.ru/ https://netcat.ru/] . Versions 6.4.0.24248 and on have the patch. | ||||
| CVE-2024-34336 | 1 Ordat | 2 Foss-online, Ordat.erp | 2024-09-18 | 5.3 Medium |
| User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality. | ||||
| CVE-2024-42343 | 1 Loway | 1 Queuemetrics | 2024-09-11 | 5.3 Medium |
| Loway - CWE-204: Observable Response Discrepancy | ||||