Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.
119 vulnerabilities with CWE-208
CVE-2021-26314
MEDIUM
CPU Products - Info Disclosure
CVSS 5.5
CVE-2021-26313
MEDIUM
CPU Products - Info Disclosure
CVSS 5.5
CVE-2021-31406
MEDIUM
Vaadin Flow < 5.0.4 - CSRF
CVSS 4.0
CVE-2021-31404
MEDIUM
Vaadin Flow < 1.0.14 - CSRF
CVSS 4.0
CVE-2021-31403
MEDIUM
Vaadin < 7.7.24 - CSRF
CVSS 4.0
CVE-2020-35165
MEDIUM
Dell BSAFE <4.1.5-4.6 - Info Disclosure
CVSS 5.1
CVE-2020-1926
MEDIUM
Apache Hive <2.3.8 - Info Disclosure
CVSS 5.9
CVE-2020-15237
MEDIUM
Shrine <3.3.0 - Info Disclosure
CVSS 5.9
CVE-2020-4071
LOW
django-basic-auth-ip-whitelist <0.3.4 - Info Disclosure
CVSS 2.2
CVE-2020-11037
MEDIUM
Wagtail <2.7.3-2.8.2 - Info Disclosure
CVSS 6.1
CVE-2019-16782
MEDIUM
Rack <1.6.12, 2.0.8 - Info Disclosure
CVSS 6.3
CVE-2019-13420
MEDIUM
Search Guard <21.0 - Info Disclosure
CVSS 5.9
CVE-2019-9494
MEDIUM
Hostapd & Wpa_Supplicant <2.7 - Info Disclosure
CVSS 5.9
CVE-2016-15015
LOW
viafintech Barzahlen Payment Module PHP SDK <2.0.1 - Info Disclosure
CVSS 2.6
CVE-2016-10535
MEDIUM
Csrf-lite < 0.1.1 - CSRF
CVSS 5.9
CVE-2014-125056
LOW
Pylons horus - Info Disclosure
CVSS 2.6
CVE-2014-125055
LOW
agnivade easy-scrypt <1.0.0 - Info Disclosure
CVSS 2.6
CVE-2013-10006
LOW
Ziftr primecoin <0.8.4rc1 - Timing Discrepancy
CVSS 2.6
CVE-2010-10006
LOW
michaelliao jopenid - Info Disclosure
CVSS 2.6
Details
Vulnerabilities
119