Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-203

CWE-203

Observable Discrepancy

Parent: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor

The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor.

733 vulnerabilities with CWE-203

CVE-2023-5388 MEDIUM

Firefox < 124 and ESR < 115.9 - Timing Side-Channel Attack via RSA Decryption

CVE-2023-5410 HIGH

HP PC BIOS - Memory Tampering via System BIOS

CVE-2023-38362 MEDIUM

IBM CICS TX Advanced 10.1 - Info Disclosure

CVE-2023-50306 MEDIUM

IBM Common Licensing 9.0 - Username Enumeration via Observable Response Discrepancy

CVE-2023-6935 MEDIUM

wolfSSL 3.12.2-5.6.3 - Timing Attack via Static RSA Cipher Suites

CVE-2023-51437 HIGH

Apache Pulsar <2.11.3, 3.0.2, 3.1.1 - Code Injection

CVE-2023-50782 HIGH

Python-cryptography - Info Disclosure

CVE-2023-50781 HIGH

Red Hat Enterprise Linux - Observable Discrepancy in RSA Key Exchange

CVE-2023-6240 MEDIUM

Linux Kernel - RSA Decryption Side-Channel Information Disclosure via Marvin Attack

CVE-2023-5992 MEDIUM

OpenSC < 0.25.0 - Side-Channel Information Disclosure via PKCS#1 Padding Removal

CVE-2023-6258 HIGH

pkcs11-provider - Bleichenbacher-like Side-Channel Attack on PKCS#1 1.5 Decryption

CVE-2023-52323 MEDIUM

PyCryptodome and PyCryptodomeX < 3.19.1 - Side-Channel Leakage for OAEP Decryption

CVE-2023-46739 MEDIUM

CubeFS < 3.3.1 - Timing Attack via UserService Password Comparison

CVE-2023-50708 MEDIUM

yii2-authclient < 2.2.15 - Timing Attack via OAuth State and OpenID Connect Nonce Comparison

CVE-2023-41097 MEDIUM

Silabs Gecko Software Development Kit < 4.4.0 - Observable Timing Discrepancy in CBC PKCS7 Padding

CVE-2023-6135 MEDIUM

Firefox < 121.0 - Side-Channel Attack via Minerva on NSS NIST Curves

CVE-2023-23584 MEDIUM

Gallagher Command Centre < 8.50 - Information Disclosure via RESTAPI Response Discrepancy

CVE-2023-50979 MEDIUM

Crypto++ < 8.9.0 - Marvin Side Channel via PKCS#1 v1.5 Padding

CVE-2023-4421 MEDIUM

NSS < 3.61 - Timing Side-Channel Attack via PKCS#1 v1.5 Padding Check

CVE-2023-45287 HIGH

GO < 1.20.0 - Information Disclosure

CVE-2023-40090 MEDIUM

Android - Remote Privilege Escalation via BTM_BleVerifySignature Side Channel

CVE-2023-49092 MEDIUM

RustCrypto RSA - Covert Timing Channel via Non-Constant-Time Implementation

CVE-2023-5981 MEDIUM

GnuTLS - Timing Side-Channel in RSA-PSK ClientKeyExchange

CVE-2023-47102 MEDIUM

UrBackup Server 2.5.31 - User Enumeration via Login Failure Message

CVE-2023-21354 MEDIUM

Android - Local Information Disclosure via Package Manager Service Side Channel

Previous Page 9 of 30 Next

Details

Vulnerabilities 733

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy