Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / CWE / CWE-208

CWE-208

Observable Timing Discrepancy

Parent: CWE-203 - Observable Discrepancy

Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.

137 vulnerabilities with CWE-208

CVE-2023-32694 MEDIUM

Saleor Core <3.7.67 - Timing Attack

CVE-2023-25000 MEDIUM

HashiCorp Vault <1.13.1-1.12.5-1.11.9 - Info Disclosure

CVE-2023-1538 MEDIUM

answerdev/answer <1.0.6 - Info Disclosure

CVE-2023-25806 MEDIUM

OpenSearch Security - Info Disclosure

CVE-2022-25332 MEDIUM

Texas Instruments OMAP L138 - Timing Side Channel

CVE-2022-42288 MEDIUM

NVIDIA DGX A100 Firmware < 00.19.07 - Unauthenticated Username Enumeration via IPMI Handler Timing Discrepancy

CVE-2022-4823 LOW

InSTEDD Nuntium - Timing Discrepancy

CVE-2022-39308 MEDIUM

GoCD 19.2.0-19.10.0 - Timing Attack via Access Token Validation

CVE-2022-31142 HIGH

@fastify/bearer-auth <7.0.2-8.0.1 - Info Disclosure

CVE-2022-20752 MEDIUM

Cisco Unified Communications Manager 12.5(1) - Observable Timing Discrepancy

CVE-2022-29185 MEDIUM

totp-rs < 1.1.0 - Observable Timing Discrepancy in Token Comparison

CVE-2021-21575 MEDIUM

Dell BSAFE Micro Edition Suite <4.5.2 - Info Disclosure

CVE-2021-34337 MEDIUM

Mailman Core <3.3.5 - Info Disclosure

CVE-2021-4294 LOW

OpenShift OSIN - Timing Discrepancy

CVE-2021-42016 HIGH

Siemens RUGGEDCOM ROS - Observable Timing Discrepancy in Third-Party Component

CVE-2021-43298 CRITICAL

GoAhead < 5.1.4 - Unauthenticated Password Brute-Force via Timing Attack

CVE-2021-26318 MEDIUM

AMD Athlon, Athlon Pro, EPYC, Ryzen, and Ryzen Pro Firmware - Observable Timing Discrepancy via PREFETCH Instructions

CVE-2021-26314 MEDIUM

Xen - Observable Timing Discrepancy via Floating Point Value Injection

CVE-2021-26313 MEDIUM

Xen - Observable Timing Discrepancy via Speculative Code Store Bypass

CVE-2021-31406 MEDIUM

Vaadin Flow 3.0.0-5.0.3 and Vaadin 15.0.0-18.0.6 - Observable Timing Discrepancy in CSRF Token Comparison

CVE-2021-31404 MEDIUM

Vaadin Flow 1.0.0-1.0.13 and Vaadin 10.0.0-10.0.16 - Observable Timing Discrepancy in CSRF Token Comparison

CVE-2021-31403 MEDIUM

Vaadin 7.0.0-7.7.23 and 8.0.0-8.12.2 - Observable Timing Discrepancy in CSRF Token Comparison

CVE-2020-35165 MEDIUM

Dell BSAFE <4.1.5-4.6 - Info Disclosure

CVE-2020-1926 MEDIUM

Apache Hive <2.3.8 - Info Disclosure

CVE-2020-15237 MEDIUM

Shrine < 3.3.0 - Observable Timing Discrepancy in Derivation Endpoint Signature Verification

Previous Page 5 of 6 Next

Details

Vulnerabilities 137

Links

MITRE CWE Entry Search this CWE With Exploits

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy