CWE-203
Observable Discrepancy
The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.
733 vulnerabilities with CWE-203
CVE-2023-21305
MEDIUM
Android < 14.0 - Unauthenticated App Installation Status Disclosure via Content Side Channel
CVSS 5.5
CVE-2023-21304
MEDIUM
Android < 14.0 - Unauthenticated App Installation Status Disclosure via Content Service Side Channel
CVSS 5.5
CVE-2023-21303
MEDIUM
Android < 14.0 - Unauthenticated App Presence Detection via Content Side Channel
CVSS 5.5
CVE-2023-21302
MEDIUM
Android < 14.0 - Unauthenticated App Installation Status Disclosure via Package Manager Side Channel
CVSS 5.5
CVE-2023-21301
MEDIUM
Android < 14.0 - Unauthenticated App Installation Status Disclosure via ActivityManagerService Side Channel
CVSS 5.5
CVE-2023-21300
MEDIUM
Android < 14.0 - Unauthenticated App Installation Status Disclosure via PackageManager Side Channel
CVSS 5.5
CVE-2023-21299
MEDIUM
Android < 14.0 - Unauthenticated App Installation Status Disclosure via Package Manager Side Channel
CVSS 5.5
CVE-2023-21298
HIGH
Android < 14.0 - Installed Application Disclosure via Slice Side Channel
CVSS 7.8
CVE-2023-21296
MEDIUM
Android < 14.0 - Local Privilege Escalation via App Installation Side Channel
CVSS 5.5
CVE-2023-21293
MEDIUM
Android < 14.0 - Unauthenticated App Installation Status Disclosure via PackageManagerNative Side Channel
CVSS 5.5
CVE-2023-5722
MEDIUM
Firefox < 119.0 - Information Disclosure via Opaque Response Size and Vary Header
CVSS 5.3
CVE-2023-36127
HIGH
PHPJabbers Appointment Scheduler 3.0 - Info Disclosure
CVSS 7.5
CVE-2023-43623
MEDIUM
Mendix <V5.4.0, <V3.7.3, <V4.1.3 - Info Disclosure
CVSS 5.3
CVE-2023-38871
MEDIUM
gugoan Economizzer <0.9-beta1 - Info Disclosure
CVSS 5.3
CVE-2023-44216
MEDIUM
Canonical Ubuntu Linux - Information Disclosure
CVSS 5.3
CVE-2023-25529
HIGH
NVIDIA DGX H100 and A100 BMC < 23.08.18 - Unauthenticated Session Token Leak via Timing Discrepancy
CVSS 8.0
CVE-2023-4095
MEDIUM
Arconte Aurea 1.5.0.0 - Info Disclosure
CVSS 5.3
CVE-2023-41885
MEDIUM
piccolo < 0.121.0 - User Enumeration via BaseUser.login
CVSS 5.3
CVE-2023-3221
MEDIUM
Password Recovery Plugin 1.2 for Roundcube - User Enumeration via Password Recovery Function
CVSS 5.3
CVE-2023-39522
MEDIUM
authentik <2023.5.6 and 2023.6.0-2023.6.2 - Username Enumeration via Recovery Flow
CVSS 5.3
CVE-2023-40756
CRITICAL
PHPJabbers Callback Widget v1.0 - Info Disclosure
CVSS 9.8
CVE-2023-33850
HIGH
IBM TXSeries for Multiplatform - Timing-Based Side Channel in RSA Decryption
CVSS 7.5
CVE-2023-40021
MEDIUM
Oppia 1.1.0-3.3.2 - Observable Timing Discrepancy in CSRF Token Validation
CVSS 5.3
CVE-2023-40343
MEDIUM
Jenkins Tuleap Authentication Plugin < 1.1.20 - Authentication Token Timing Attack
CVSS 5.9
CVE-2023-20569
MEDIUM
Fedora - Information Disclosure
CVSS 4.7
Details
Vulnerabilities
733