Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-203

CWE-203

Observable Discrepancy

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

733 vulnerabilities with CWE-203

CVE-2021-29443 MEDIUM

jose 1.0.0-1.28.0 - Padding Oracle via AES_CBC_HMAC_SHA2 Decryption

CVE-2021-21181 MEDIUM

Google Chrome <89.0.4389.72 - Info Disclosure

CVE-2021-21173 MEDIUM

Google Chrome <89.0.4389.72 - Info Disclosure

CVE-2021-27583 MEDIUM

Directus 8.0.0-8.8.1 - User Enumeration via Password Reset Feature

CVE-2021-0321 MEDIUM

Android 11 - Local Information Disclosure via Package Installation Side Channel

CVE-2020-36888 MEDIUM

SpinetiX Fusion Digital Signage 3.4.8 - Info Disclosure

CVE-2020-26062 MEDIUM

Cisco Unified Computing System - Unauthenticated Username Enumeration via Authentication Response Discrepancy

CVE-2020-10369 MEDIUM

Cypress/Broadcom Wireless Combo - Info Disclosure

CVE-2020-10367 MEDIUM

Cypress/Broadcom Wireless Combo - Memory Corruption

CVE-2020-35165 MEDIUM

Dell BSAFE <4.1.5-4.6 - Info Disclosure

CVE-2020-12413 MEDIUM

Firefox < 78.0 and Firefox ESR < 68.10.0 - Timing Attack via DHE Ciphersuites

CVE-2020-35473 MEDIUM

Bluetooth Core Specification 4.0-5.2 - Authentication Bypass by Capture-replay via Resolvable Private Addressing

CVE-2020-36517 HIGH

Home Assistant 2022.03 - Information Disclosure via Hardcoded DNS Resolver

CVE-2020-35398 MEDIUM

UTI Mutual Fund Invest Online < 5.4.28 - Username Enumeration via Error Message

CVE-2020-25082 LOW

Nuvoton NPCT75x Firmware 7.2.0-7.2.1 - ECC Private Key Extraction via ECDSA Timing Side-Channel

CVE-2020-36424 MEDIUM

Arm Mbed TLS < 2.24.0 - Private Key Recovery via Side-Channel Attack

CVE-2020-36422 MEDIUM

Arm Mbed TLS < 2.23.0 - ECC Private Key Recovery via Side Channel

CVE-2020-36421 MEDIUM

Arm Mbed TLS < 2.23.0 - RSA Private Key Disclosure via Modular Exponentiation Side Channel

CVE-2020-24512 LOW

Intel(R) Processors - Info Disclosure

CVE-2020-27211 MEDIUM

Nordic Semiconductor nRF52840 - Info Disclosure

CVE-2020-35518 MEDIUM

389 Directory Server < 1.4.3.19 - Unauthenticated LDAP Entry Existence Disclosure

CVE-2020-27170 MEDIUM

Linux kernel <5.11.8 - Info Disclosure

CVE-2020-1926 MEDIUM

Apache Hive <2.3.8 - Info Disclosure

CVE-2020-11287 HIGH

Qualcomm AQT1000 and others - Information Disclosure via RTT Frame MAC Address Linking

CVE-2020-9389 LOW

SquaredUp < 4.6 - Username Enumeration via Login Timing Attack

Previous Page 22 of 30 Next

Details

Vulnerabilities 733

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy