Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-203

CWE-203

Observable Discrepancy

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

733 vulnerabilities with CWE-203

CVE-2025-67806 LOW

Sage DPW <2021_06_000 - Info Disclosure

CVE-2025-65185 LOW

Entrinsik Informer 5.10.1 - Username Enumeration via Local User Login

CVE-2025-68164 LOW

JetBrains TeamCity < 2025.11 - Port Enumeration via Perforce Connection Test

CVE-2025-13912 LOW

wolfSSL < 5.8.4 - Timing Side-Channel Information Disclosure via LLVM Optimization

CVE-2025-63094 HIGH

XiangShan Nanhu V2 and Kunmighu V3 - Exposure of Sensitive Information via Speculative Execution Side-Channel

CVE-2025-39665 MEDIUM

Nagvis < 1.9.48 - Unauthenticated User Enumeration via Checkmk MultisiteAuth

CVE-2025-59702 HIGH

Entrust nShield HSM <13.6.12 Authenticated Tamper Event Falsification

CVE-2025-56423 MEDIUM

OpenAtlas < 8.12.1 - User Enumeration via Login Error Messages

CVE-2025-12888 HIGH

Xtensa-based ESP32 - Timing Side Channel

CVE-2025-11932 MEDIUM

wolfssl - Timing Side-Channel in TLS 1.3 PSK Binder Verification

CVE-2025-64749 MEDIUM

Directus < 11.13.0 - Information Disclosure via Collection Existence Error Messages

CVE-2025-59716 MEDIUM

owncloud guests < 0.12.4 - Unauthenticated User Enumeration via Registration Endpoint

CVE-2025-11145 HIGH

CBK Soft Software Hardware Electronic Computer Systems Industry and...

CVE-2025-36225 MEDIUM

IBM Aspera Faspex 5.0.0-5.0.13.1 - Authenticated Sensitive Information Disclosure via Observable Discrepancy

CVE-2025-11443 LOW

JhumanJ OpnForm <1.9.3 - Info Disclosure

CVE-2025-54477 MEDIUM

Passkey <unknown> - Info Disclosure

CVE-2025-41252 HIGH

VMware NSX 9.x, 4.2.x, 4.1.x, 4.0.x; NSX-T 3.x; Cloud Foundation 5.x, 4.5.x - Unauthenticated Username Enumeration

CVE-2025-1396 LOW

WSO2 Identity Server - Username Enumeration via Multi-Attribute Login Error Messages

CVE-2025-10890 CRITICAL

Google Chrome < 140.0.7339.207 - Side-Channel Information Leakage in V8

CVE-2025-9031 MEDIUM

DivvyDrive Web 4.8.2.2-4.8.2.14 - Observable Timing Discrepancy via Cross-Domain Search

CVE-2025-43786 MEDIUM

Liferay Digital Experience Platform 2024.Q1.1-2024.Q1.12 - Information Disclosure via ERC Enumeration

CVE-2025-39702 HIGH

Linux Kernel - Observable Timing Discrepancy in IPv6 Segment Routing MAC Comparison

CVE-2025-48561 MEDIUM

Multiple Locations - Info Disclosure

CVE-2025-57770 MEDIUM

Zitadel < 2.71.15 - Unauthenticated Username Enumeration via Select Account Page

CVE-2025-43751 MEDIUM

Liferay Portal 7.4.0-7.4.3.132 & DXP 2023.Q3.1-2024.Q4.7 User Enumeration via Create Account

Previous Page 2 of 30 Next

Details

Vulnerabilities 733

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy