Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-204

CWE-204

Observable Response Discrepancy

Parent: CWE-203 - Observable Discrepancy

The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

157 vulnerabilities with CWE-204

CVE-2023-3221 MEDIUM

Password Recovery Plugin 1.2 for Roundcube - User Enumeration via Password Recovery Function

CVE-2023-40179 MEDIUM

Silverware Games <1.3.6 - Info Disclosure

CVE-2023-39343 MEDIUM

Sulu 2.5.0-2.5.9 - Observable Response Discrepancy via Admin Login Form

CVE-2023-37217 MEDIUM

Tadiran Telecom Aeonix - Observable Response Discrepancy

CVE-2023-35698 MEDIUM

SICK ICR890-4 Firmware < 2.5.0 - Observable Response Discrepancy via FTP Login

CVE-2023-3336 MEDIUM

TN-5900 Series <3.3 - Info Disclosure

CVE-2023-31186 MEDIUM

Avaya IX Workforce Engagement <15.2.7.1195 - Info Disclosure

CVE-2023-28412 MEDIUM

Snapone Orvc < 7.3.0 - Information Disclosure

CVE-2023-32346 MEDIUM

Teltonika's Remote Management System <4.10.0 - Info Disclosure

CVE-2023-23449 MEDIUM

SICK FTMg AIR FLOW SENSOR Firmware < 2.0 - Observable Response Discrepancy via REST Interface

CVE-2023-27464 MEDIUM

Mendix Forgot Password < 3.7.1 - Information Disclosure via Observable Response Discrepancy

CVE-2023-1540 MEDIUM

answerdev/answer <1.0.6 - Info Disclosure

CVE-2022-20633 MEDIUM

Cisco Enterprise Chat and Email < 12.6(1)es1 - Username Enumeration via Auth Response

CVE-2022-39228 MEDIUM

vantage6 3.3.3-3.7.9 - User Enumeration via Login Response Timing

CVE-2022-41697 MEDIUM

Ghost Foundation Ghost <5.9.4 - Info Disclosure

CVE-2022-39315 MEDIUM

Kirby < 3.5.8.2, 3.6.6.2, 3.7.5.1, 3.8.1 - User Enumeration via Error Message Timing

CVE-2022-22520 MEDIUM

MymbCONNECT24 <v2.11.2 - Info Disclosure

CVE-2022-1989 MEDIUM

CODESYS Visualization <V4.2.0.0 - Info Disclosure

CVE-2022-31248 MEDIUM

SUSE Manager Server <4.1.46-1, <4.2.37-1 - Info Disclosure

CVE-2022-0564 MEDIUM

Qlik Sense Enterprise on Windows - Info Disclosure

CVE-2021-47717 MEDIUM

IntelliChoice eFORCE Software Suite 2.5.9 - Info Disclosure

CVE-2021-20556 MEDIUM

IBM Cognos Controller <11.0.0 - Info Disclosure

CVE-2021-36201 MEDIUM

CCURE 9000 Firmware < 2.90 - User Account Enumeration

CVE-2021-20049 HIGH

SonicWall SMA100/SMA200/SMA210/SMA400/SMA410/SMA500v < 10.0.0.0 - Unauthenticated Username Enumeration

CVE-2021-34580 HIGH

mbconnect24 and mymbconnect24 <= 2.9.0 - Unauthenticated User Enumeration via Login Response Discrepancy

Previous Page 6 of 7 Next

Details

Vulnerabilities 157

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy