Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-204 (响应差异性信息暴露) — Vulnerability Class 133

133 vulnerabilities classified as CWE-204 (响应差异性信息暴露). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2026-24468 OpenAEV Vulnerable to Username/Email Enumeration Through Differential HTTP Responses in Password Reset API — openaev 5.3 Medium2026-04-20
CVE-2026-34264 Information Disclosure vulnerability in SAP Human Capital Management for SAP S/4HANA — SAP Human Capital Management for SAP S/4HANA 6.5 Medium2026-04-14
CVE-2026-4113 SonicWALL SMA1000 安全漏洞 — SMA1000 7.5AIHighAI2026-04-09
CVE-2026-39851 Saleor has a user enumeration vulnerability due to different error messages — saleor 5.3AIMediumAI2026-04-08
CVE-2025-3716 User enumeration in ESET Protect (on-prem) — ESET Protect (on-prem) 4.3 -2026-03-30
CVE-2026-33419 MinIO: LDAP login brute-force via user enumeration and missing rate limit — minio 9.8 -2026-03-24
CVE-2026-33323 Parse Server: Email verification resend page leaks user existence — parse-server 5.3 -2026-03-24
CVE-2026-33688 AVideo has Pre-Captcha User Enumeration and Account Status Disclosure in Password Recovery Endpoint — AVideo 5.3 Medium2026-03-23
CVE-2026-30876 Chamilo LMS: User enumeration vulnerability via response — chamilo-lms 5.3AIMediumAI2026-03-16
CVE-2025-69243 User enumeration in Raytha CMS — Raytha 5.3 -2026-03-16
CVE-2025-13460 IBM Aspera Console Information Disclosure — Aspera Console 5.3 Medium2026-03-13
CVE-2025-12455 Username Enumeration Observable Response Discrepancy vulnerability has been discovered in OpenText™ Vertica. — Vertica 9.8 -2026-03-13
CVE-2026-2859 Unauthenticated Host Enumeration via Observable Response Discrepancy on Deploy Agent Endpoint — Checkmk 5.3 -2026-03-13
CVE-2026-24097 Authenticated Host Enumeration via Observable Response Discrepancy on Agent Register Existing Endpoint — Checkmk 4.3 -2026-03-13
CVE-2026-4045 projectsend Auth.php response discrepancy — projectsend 3.7 Low2026-03-12
CVE-2026-31901 Parse Server has user enumeration via email verification endpoint — parse-server 5.3AIMediumAI2026-03-11
CVE-2026-31888 Shopware has user enumeration via distinct error codes on Store API login endpoint — core 5.3 Medium2026-03-11
CVE-2026-28358 NocoDB: User Enumeration via Password Reset Endpoint — nocodb 5.3AIMediumAI2026-03-02
CVE-2026-28288 Dify has a user enumeration issue — dify 5.3 -2026-02-27
CVE-2026-25138 Rucio WebUI has Username Enumeration via Login Error Message — rucio 5.3 Medium2026-02-25
CVE-2025-62512 Piwigo Vulnerable to User Enumeration via Password Reset Endpoint — Piwigo 5.3 -2026-02-24
CVE-2026-27480 Static Web Server: Timing-Based Username Enumeration in Basic Authentication — static-web-server 5.3 Medium2026-02-21
CVE-2019-25338 Dokuwiki 2018-04-22b - Username Enumeration — Dokuwiki 5.3 Medium2026-02-12
CVE-2026-25509 CI4MS Vulnerable to User Email Enumeration via Password Reset Flow — ci4ms 5.3 Medium2026-02-03
CVE-2026-24664 Open eClass is Vulnerable to Username Enumeration via Login Response Discrepancies — openeclass 5.3 Medium2026-02-03
CVE-2026-24332 Discord 安全漏洞 — WebSocket API service 4.3 Medium2026-01-22
CVE-2026-23511 ZITADEL has a user enumeration vulnerability in Login UIs — zitadel 5.3 Medium2026-01-15
CVE-2025-69413 Gitea 安全漏洞 — Gitea 5.3 Medium2026-01-01
CVE-2025-67874 ChurchCRM has plaintext password return in response — CRM 8.1AIHighAI2025-12-16
CVE-2025-62181 Pega Platform versions 7.1.0 through Infinity 25.1.0 are affected by a User Enumeration where during user authentication process, a difference in response time could allow a remote unauthenticated user to determine if a username is valid or not. — Pega Infinity 5.3 Medium2025-12-10

Vulnerabilities classified as CWE-204 (响应差异性信息暴露) represent 133 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.