Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-203

CWE-203

Observable Discrepancy

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

733 vulnerabilities with CWE-203

CVE-2021-0987 LOW

Android - Local Information Disclosure via Side Channel in PhoneInterfaceManager

CVE-2021-43823 MEDIUM

Sourcegraph <3.33.2 - Info Disclosure

CVE-2021-44848 MEDIUM

Thinfinity VirtualUI < 3.0 - User Enumeration via Password Change Response Discrepancy

CVE-2021-1924 CRITICAL

Qualcomm APQ8009 and related firmware - Information Disclosure via RSA-CRT Mod Exponentiation Side-Channel

CVE-2021-43398 MEDIUM

Crypto++ < 8.6.0 - Timing Side-Channel in MakePublicKey()

CVE-2021-34580 HIGH

mbconnect24 and mymbconnect24 <= 2.9.0 - Unauthenticated User Enumeration via Login Response Discrepancy

CVE-2021-38476 MEDIUM

InHand Networks IR615 Router <2.3.0.r4870 - Info Disclosure

CVE-2021-38562 HIGH

Best Practical Request Tracker 4.2.0-4.2.16, 4.4.0-4.4.4, 5.0.0-5.0.1 - Information Disclosure via Timing Attack

CVE-2021-26318 MEDIUM

AMD Athlon, Athlon Pro, EPYC, Ryzen, and Ryzen Pro Firmware - Observable Timing Discrepancy via PREFETCH Instructions

CVE-2021-24651 HIGH

Poll Maker WordPress Plugin < 3.4.2 - Unauthenticated SQL Injection via ays_finish_poll AJAX Action

CVE-2021-37968 MEDIUM

Google Chrome < 94.0.4606.54 - Cross-Origin Data Leak via Background Fetch API

CVE-2021-20376 MEDIUM

IBM Sterling File Gateway <6.1.1.0 - Info Disclosure

CVE-2021-38153 MEDIUM

Apache Kafka <2.8.1-2.8.0 - Timing Attack

CVE-2021-34576 MEDIUM

Kaden PICOFLUX Air Firmware - Information Exposure via Observable Discrepancy

CVE-2021-39189 MEDIUM

pimcore < 10.1.3 - Username Enumeration via Forgot Password Functionality

CVE-2021-37151 MEDIUM

CyberArk Identity < 21.11.133 - Username Enumeration via Authentication Response Length

CVE-2021-38209 LOW

Linux kernel <5.12.2 - Info Disclosure

CVE-2021-3642 MEDIUM

Wildfly Elytron < 1.10.14 - Timing Attack via ScramServer

CVE-2021-37848 HIGH

barebox < 2021.07.0 - Timing Side-Channel in Password Hash Comparison

CVE-2021-34575 HIGH

mbconnect24 <= 2.8.0 - Unauthenticated User Enumeration via Response Analysis

CVE-2021-34556 MEDIUM

Linux Kernel < 5.13.7 - Information Disclosure via BPF Speculative Store Bypass

CVE-2021-35477 MEDIUM

Linux kernel <5.13.7 - Info Disclosure

CVE-2021-37606 MEDIUM

meow_hash 0.5/calico - Inadequate Encryption Strength via Collision Timing Attack

CVE-2021-20113 MEDIUM

TCExam <= 14.8.1 - Unauthenticated Email Enumeration via Password Reset Error Discrepancy

CVE-2021-24117 MEDIUM

Apache Teaclave SGX SDK 1.1.3 - Side-Channel Information Disclosure via Base64 PEM Decoding

Previous Page 20 of 30 Next

Details

Vulnerabilities 733

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy