Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-203

CWE-203

Observable Discrepancy

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

733 vulnerabilities with CWE-203

CVE-2022-20752 MEDIUM

Cisco Unified Communications Manager 12.5(1) - Observable Timing Discrepancy

CVE-2022-34174 HIGH

Jenkins <2.355-<2.332.3 - Info Disclosure

CVE-2022-24436 MEDIUM

Intel(R) Processors - Info Disclosure

CVE-2022-23823 MEDIUM

AMD Athlon X4/Ryzen Threadripper PRO Firmware Info Disclosure via Timing Attack

CVE-2022-27221 MEDIUM

SINEMA Remote Connect Server < 3.1 - Plaintext Secret Exposure via BREACH Attack

CVE-2022-0823 MEDIUM

Zyxel GS1200 Series Firmware < 2.00 - Timing Side-Channel Password Guessing

CVE-2022-32273 MEDIUM

OPSWAT MetaDefender Core < 5.1.2 - Authenticated Filename Enumeration via Observable Discrepancy

CVE-2022-29185 MEDIUM

totp-rs < 1.1.0 - Observable Timing Discrepancy in Token Comparison

CVE-2022-24043 MEDIUM

Siemens Desigo DXR2, PXC3, PXC4, PXC5 - Username Enumeration via Login Timing Side Channel

CVE-2022-1318 MEDIUM

Hills ComNav < 3002-19 - Inadequate Encryption Strength in Local Network Configuration Traffic

CVE-2022-27814 LOW

swhkd 1.1.5 - Arbitrary File Existence Test via -c Option

CVE-2022-22356 MEDIUM

IBM MQ Appliance <9.2 - Info Disclosure

CVE-2022-24784 LOW

Statamic < 3.2.39 - Exposure of Sensitive Information via REST API Users Endpoint

CVE-2022-0564 MEDIUM

Qlik Sense Enterprise on Windows - Info Disclosure

CVE-2022-23643 MEDIUM

Sourcegraph 3.35.0-3.35.1 - Authenticated Exposure of Sensitive Information via Code Monitoring Feature

CVE-2022-0569 MEDIUM

Packagist snipe/snipe-it <5.3.9 - Info Disclosure

CVE-2022-21659 MEDIUM

Flask-AppBuilder < 3.4.4 - Unauthenticated User Enumeration via Login Timing Discrepancy

CVE-2022-24032 MEDIUM

Azenza AxiomSL ControllerView <10.8.1 - Info Disclosure

CVE-2022-23304 CRITICAL

hostapd and wpa_supplicant < 2.10 - Side-Channel Attack via EAP-pwd Cache Access Patterns

CVE-2022-23303 CRITICAL

hostapd and wpa_supplicant < 2.10 - Side Channel Attack via SAE Cache Access Patterns

CVE-2022-23106 MEDIUM

Jenkins Configuration as Code Plugin < 1.55 - Authentication Token Timing Attack

CVE-2022-22120 MEDIUM

NocoDB 0.9-0.83.8 - User Enumeration via Password Reset Error Message

CVE-2021-47664 MEDIUM

Franka Emika Robot <=4.0.3 - Username Enumeration

CVE-2021-47226 HIGH

Linux Kernel - Information Disclosure via FPU State Leak on XRSTOR Failure

CVE-2021-20556 MEDIUM

IBM Cognos Controller <11.0.0 - Info Disclosure

Previous Page 17 of 30 Next

Details

Vulnerabilities 733

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy