Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-204

CWE-204

Observable Response Discrepancy

Parent: CWE-203 - Observable Discrepancy

The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

157 vulnerabilities with CWE-204

CVE-2025-31124 MEDIUM

zitadel < 2.63.9 - Username Enumeration via Normalization Bypass

CVE-2025-2910 MEDIUM

Fermax MeetMe < 2024-09 - User Enumeration via Password Reset Error Messages

CVE-2025-24023 LOW

Flask-AppBuilder < 4.5.3 - Unauthenticated Username Enumeration via Timing Attack

CVE-2025-1101 MEDIUM

Q-Free MaxTime <= 2.11.0 - Info Disclosure

CVE-2025-23193 MEDIUM

SAP NetWeaver Server ABAP - Info Disclosure

CVE-2025-24980 MEDIUM

pimcore/admin-ui-classic-bundle < 1.7.4 - User Enumeration via Forgot Password Error Message

CVE-2025-0693 MEDIUM

AWS Sign-in < unknown - Info Disclosure

CVE-2025-23214 MEDIUM

Cosmos-Server < 0.17.7 - User Enumeration via Login Error Code

CVE-2024-0391 MEDIUM

Username Enumeration via Email OTP Flow in Multiple WSO2 Products Allows User Account Discovery

CVE-2024-51447 MEDIUM

Polarion ALM V2310 and V2404 < V2404.2 - Unauthenticated Observable Response Discrepancy in Username Validation

CVE-2024-56476 MEDIUM

IBM TXSeries for Multiplatforms <9.1, 11.1 - Info Disclosure

CVE-2024-55198 MEDIUM

Celk Sistemas Celk Saude <3.1.252.1 - Info Disclosure

CVE-2024-35114 MEDIUM

IBM Control Center 6.2.1 and 6.3.1 - Username Enumeration via Observable Login Discrepancy

CVE-2024-36510 MEDIUM

FortiClientEMS/FortiSOAR <7.5.0 - Info Disclosure

CVE-2024-42174 LOW

HCL MyXalytics - Username Enumeration via Observable Response Discrepancy

CVE-2024-13198 LOW

Langhsu Mblog Blog System 3.5.0 - Info Disclosure

CVE-2024-13028 LOW

Antabot White-Jotter <0.2.2 - Info Disclosure

CVE-2024-12663 LOW

Mee-Admin <= 1.6 - Observable Response Discrepancy via Login Username Parameter

CVE-2024-47129 MEDIUM

goTenna Pro App < 1.6.1 and < 2.0.3 - Observable Response Discrepancy via Broadcast Frame Length

CVE-2024-41715 MEDIUM

goTenna Pro ATAK Plugin < 2.0.7 - Observable Response Discrepancy via Broadcast Frame Length

CVE-2024-8651 MEDIUM

NetCat CMS <6.4.0.24248 - Info Disclosure

CVE-2024-34336 MEDIUM

ORDAT FOSS-Online <2.24.01 - Info Disclosure

CVE-2024-42343 MEDIUM

Loway QueueMetrics 17.06.1-24.05.5 - Observable Response Discrepancy

CVE-2024-38431 MEDIUM

Matrix Tafnit < 8.4.202 - Observable Response Discrepancy

CVE-2024-40627 MEDIUM

fastapi-opa < 2.0.1 - Unauthenticated Information Disclosure via OPTIONS Request Bypass

Previous Page 4 of 7 Next

Details

Vulnerabilities 157

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy