Weaknesses of type CWE-203
294 resultsCVE-2023-37305—An issue was discovered in the ProofreadPage (aka Proofread Page) extension for MediaWiki through 1.39.3. In includes/Page/PageContentHandleEPSS 0.5%CVE-2025-11443MEDIUMJhumanJ OpnForm Forgotten Password email information exposureEPSS 0.5%CVE-2023-43623MEDIUMA vulnerability has been identified in Mendix Forgot Password (Mendix 10 compatible) (All versions < V5.4.0), Mendix Forgot Password (MendixEPSS 0.5%CVE-2021-46876MEDIUMAn issue was discovered in eZ Publish Ibexa Kernel before 7.5.15.1. The /user/sessions endpoint can be abused to determine account existenceEPSS 0.5%CVE-2021-45925MEDIUMUsername EnumerationEPSS 0.5%CVE-2022-43412MEDIUMJenkins Generic Webhook Trigger Plugin 1.84.1 and earlier uses a non-constant time comparison function when checking whether the provided anEPSS 0.5%CVE-2025-63094HIGHXiangShan Nanhu V2 and XiangShan Kunmighu V3 were discovered to use speculative execution and indirect branch prediction, allowing attackersEPSS 0.5%CVE-2022-26382MEDIUMWhile the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. Side-channel atEPSS 0.5%CVE-2024-0436HIGHPrevent timing attack for single-user password checkEPSS 0.5%CVE-2024-25651MEDIUMUser enumeration can occur in the Authentication REST API in Delinea PAM Secret Server 11.4. This allows a remote attacker to determine whetEPSS 0.5%CVE-2023-37482MEDIUMThe login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated reEPSS 0.5%CVE-2024-2464MEDIUMApplication users enumeration in CDeXEPSS 0.5%CVE-2024-49358MEDIUMZimaOS vulnerable to Username Enumeration via API ResponsesEPSS 0.5%CVE-2024-40490HIGHAn issue in Sourcebans++ before v.1.8.0 allows a remote attacker to obtain sensitive information via a crafted XAJAX call to the Forgot PassEPSS 0.5%CVE-2022-4025MEDIUMInappropriate implementation in Paint in Google Chrome prior to 98.0.4758.80 allowed a remote attacker to leak cross-origin data outside an EPSS 0.5%CVE-2019-19338MEDIUMA flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculativEPSS 0.5%CVE-2023-33518MEDIUMemoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory pEPSS 0.5%CVE-2025-31124MEDIUMZitadel allows User Enumeration by loginname attribute normalizationEPSS 0.5%CVE-2023-28015MEDIUMHCL Domino AppDev Pack is susceptible to a User Account Enumeration vulnerabilityEPSS 0.4%CVE-2023-34344MEDIUMA vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid usernameEPSS 0.4%