Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-203

CWE-203

Observable Discrepancy

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

733 vulnerabilities with CWE-203

CVE-2020-25065 HIGH

LG Android OS 4.4-10 - Key Logging via Obsolete API

CVE-2020-24008 MEDIUM

Umanni RH 1.0 - User Enumeration via Password Recovery Message Discrepancy

CVE-2020-15151 HIGH

OpenMage LTS <19.4.6, 20.0.2 - CSRF

CVE-2020-1459 HIGH

Windows 10 - Information Disclosure via Straight-Line Speculation Side-Channel

CVE-2020-17478 HIGH

Crypt::Perl <0.33 - Info Disclosure

CVE-2020-9690 MEDIUM

Magento < 2.3.5-p2 - Observable Timing Discrepancy

CVE-2020-11625 MEDIUM

AvertX HD838 and HD438 Firmware - Username Enumeration via Login Response Discrepancy

CVE-2020-6531 MEDIUM

Google Chrome < 84.0.4147.89 - Cross-Origin Data Leak via Scroll-to-Text Side Channel

CVE-2020-12402 MEDIUM

Firefox < 78.0 - Side-Channel Information Disclosure during RSA Key Generation

CVE-2020-12399 MEDIUM

Firefox < 77.0 and Firefox ESR < 68.9.0 - Timing Side-Channel in DSA Signature Verification

CVE-2020-15392 MEDIUM

Venki Supravizio BPM <10.1.2 - Info Disclosure

CVE-2020-14145 MEDIUM

OpenSSH 5.7-8.4 - Information Leak via Algorithm Negotiation

CVE-2020-14002 MEDIUM

PuTTY 0.68-0.73 - Information Leak via Algorithm Negotiation

CVE-2020-9588 HIGH

Magento < 1.9.4.5, < 1.14.4.4, 2.2.0-2.2.11, < 2.3.4-p2 - Observable Timing Discrepancy

CVE-2020-11735 MEDIUM

wolfssl < 4.4.0 - Observable Discrepancy in ECC Private-Key Operations

CVE-2020-4028 MEDIUM

Jira < 8.9.1 - Unauthenticated Information Disclosure via 404 Response

CVE-2020-13998 MEDIUM

Citrix XenApp 6.5 - Unauthenticated User Enumeration via 2FA Error Page

CVE-2020-13844 MEDIUM

Arm Cortex-A32/A35/A53/A57/A72/A73/A34 Firmware - Information Disclosure via Straight-Line Speculation

CVE-2020-13413 MEDIUM

Aviatrix Controller <5.4.1204 - Info Disclosure

CVE-2020-6473 MEDIUM

Google Chrome < 83.0.4103.61 - Information Disclosure via Blink Policy Enforcement

CVE-2020-11063 LOW

TYPO3 CMS <10.4.1 - Info Disclosure

CVE-2020-10932 MEDIUM

Arm Mbed TLS <2.16.6, <2.7.15 - Memory Corruption

CVE-2020-11713 HIGH

wolfSSL 4.3.0 - Timing Side-Channel Attack in ECC Mulmod Operation

CVE-2020-11576 MEDIUM

Argo CD 1.5.0 - User Enumeration via Session API Response Discrepancy

CVE-2020-10102 MEDIUM

Zammad 3.0-3.2.0 - Unauthenticated User Enumeration via Forgot Password Response Discrepancy

Previous Page 24 of 30 Next

Details

Vulnerabilities 733

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy