Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-208

CWE-208

Observable Timing Discrepancy

Parent: CWE-203 - Observable Discrepancy

Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.

137 vulnerabilities with CWE-208

CVE-2024-31074 MEDIUM

Intel QAT Engine <v1.6.1 - Info Disclosure

CVE-2024-41741 MEDIUM

IBM TXSeries for Multiplatforms 10.1 - Info Disclosure

CVE-2024-7010 MEDIUM

mudler/localai <2.17.1 - Info Disclosure

CVE-2024-47178 MEDIUM

basic-auth-connect <1.1.0 - Info Disclosure

CVE-2024-45052 MEDIUM

Fides < 2.44.0 - Unauthenticated Timing-Based Username Enumeration via Authentication Response

CVE-2024-1543 MEDIUM

wolfssl < 5.6.6 - Observable Timing Discrepancy in T-Table Implementation

CVE-2024-45191 MEDIUM

Matrix libolm <3.2.16 - Cache Timing Attack

CVE-2024-42368 MEDIUM

opentelemetry-collector-contrib 0.80.0-0.106.0 - Observable Timing Discrepancy in Bearer Token Authentication

CVE-2024-29995 HIGH

Windows Kerberos - Privilege Escalation

CVE-2024-41828 LOW

JetBrains TeamCity <2024.07 - Info Disclosure

CVE-2024-40640 LOW

vodozemac < 0.7.0 - Observable Timing Discrepancy in Base64 Key Import

CVE-2024-39329 MEDIUM

Django <5.0.7, <4.2.14 - Info Disclosure

CVE-2024-36405 MEDIUM

liboqs < 0.10.1 - Covert Timing Channel in Kyber Key Encapsulation Mechanism

CVE-2024-2467 MEDIUM

perl-Crypt-OpenSSL-RSA - Info Disclosure

CVE-2024-3296 MEDIUM

Red Hat Enterprise Linux 8 and 9 - Observable Timing Discrepancy in rust-openssl PKCS#1v1.5 RSA Padding

CVE-2024-24770 MEDIUM

vantage6 < 4.2.2 and >= 4.3.0 - Username Enumeration via Password Recovery and 2FA Lost Token Endpoints

CVE-2024-0202 MEDIUM

cryptlib < 3.4.7 - Timing Attack via RSA Key Exchange Ciphersuites

CVE-2024-21671 LOW

vantage6 < 4.2.0 - Observable Timing Discrepancy in Login Response

CVE-2024-23342 HIGH

ecdsa < 0.18.0 - Covert Timing Channel

CVE-2023-41313 CRITICAL

Apache Doris <2.0.0 - Info Disclosure

CVE-2023-41097 MEDIUM

Silabs Gecko Software Development Kit < 4.4.0 - Observable Timing Discrepancy in CBC PKCS7 Padding

CVE-2023-5981 MEDIUM

GnuTLS - Timing Side-Channel in RSA-PSK ClientKeyExchange

CVE-2023-25529 HIGH

NVIDIA DGX H100 and A100 BMC < 23.08.18 - Unauthenticated Session Token Leak via Timing Discrepancy

CVE-2023-40182 LOW

Silverware Games <1.3.6 - Info Disclosure

CVE-2023-40021 MEDIUM

Oppia 1.1.0-3.3.2 - Observable Timing Discrepancy in CSRF Token Validation

Previous Page 4 of 6 Next

Details

Vulnerabilities 137

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy