Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-203

CWE-203

Observable Discrepancy

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

733 vulnerabilities with CWE-203

CVE-2022-45177 HIGH

LIVEBOX Collaboration vDesk <= v031 - Observable Response Discrepancy in User Enable and Shared Search Endpoints

CVE-2022-48220 MEDIUM

HP Elite and EliteDesk G8/G9 Firmware - Intrusion Detection Bypass via Physical TamperLock Attack

CVE-2022-20264 MEDIUM

Usage Stats Service - Info Disclosure

CVE-2022-25332 MEDIUM

Texas Instruments OMAP L138 - Timing Side Channel

CVE-2022-46724 LOW

iPadOS < 16.4 - Unprotected User Data Exposure via Lock Screen Magnifier

CVE-2022-40982 MEDIUM

Intel(R) Processors - Info Disclosure

CVE-2022-42792 MEDIUM

iPadOS < 16.0 and iPhone OS < 16.1 - Unauthorized Sensitive Location Information Access

CVE-2022-24695 MEDIUM

Bluetooth Core Specification <5.3 - Info Disclosure

CVE-2022-40482 MEDIUM

Laravel Framework 8.0.0-8.83.24 - User Enumeration via Timing Attack

CVE-2022-34125 MEDIUM

GLPI CMDB < 3.0.3 - Unauthenticated Sensitive Information Exposure via File Parameter

CVE-2022-41354 MEDIUM

Argo CD < 2.4.28 and 2.5.0-2.5.16 - Unauthenticated Application Enumeration

CVE-2022-39228 MEDIUM

vantage6 3.3.3-3.7.9 - User Enumeration via Login Response Timing

CVE-2022-4304 MEDIUM

OpenSSL - Timing Side-Channel Attack in RSA Decryption

CVE-2022-3143 HIGH

Wildfly-elytron < 1.15.15.Final - Timing Attack via Unsafe Comparator

CVE-2022-42288 MEDIUM

NVIDIA DGX A100 Firmware < 00.19.07 - Unauthenticated Username Enumeration via IPMI Handler Timing Discrepancy

CVE-2022-4499 HIGH

TP-Link Archer C5 and WR710N-V1 - Timing Side-Channel Attack via strcmp Credential Check

CVE-2022-4543 MEDIUM

Linux Kernel - KASLR Base Leak via EntryBleed TLB Prefetch Side-Channel

CVE-2022-30332 MEDIUM

Talend Administration Center 7.3.1.20200219 - Account Enumeration via Forgot Password Error Messages

CVE-2022-48251 HIGH

ARM Cortex-A Firmware - Side-Channel Information Disclosure via AES Instructions

CVE-2022-4025 MEDIUM

Google Chrome < 98.0.4758.80 - Cross-Origin Data Leak via Paint Implementation

CVE-2022-47952 LOW

lxc < 5.0.1 - Information Disclosure via lxc-user-nic Error Messages

CVE-2022-4823 LOW

InSTEDD Nuntium - Timing Discrepancy

CVE-2022-41765 MEDIUM

MediaWiki <1.35.8-1.38.3 - Info Disclosure

CVE-2022-44381 MEDIUM

Snipe-IT < 6.0.14 - User Enumeration via Password Reset Request

CVE-2022-45416 MEDIUM

Firefox < 107.0 and Firefox ESR < 102.5 - Keyboard Event Timing Side-Channel

Previous Page 14 of 30 Next

Details

Vulnerabilities 733

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy