
CWE-203 (Information Exposure Through Discrepancy) — Vulnerability Class 129

129 vulnerabilities classified as CWE-203 (Information Exposure Through Discrepancy). AI Chinese analysis included.

| CVE ID | Title | CVSS | Severity | Published |
| --- | --- | --- | --- | --- |
| CVE-2024-47869 | Non-constant-time comparison when comparing hashes in Gradio — gradio | 5.9 (AI) | Medium (AI) | 2024-10-10 |
| CVE-2024-43546 | Windows Cryptographic Information Disclosure Vulnerability — Windows Server 2022 | 5.6 | Medium | 2024-10-08 |
| CVE-2024-9513 | Netadmin Software NetAdmin IAM HTTP POST Request ReturnUserQuestionsFilled information exposure — NetAdmin IAM | 3.7 | Low | 2024-10-04 |
| CVE-2024-1544 | ECDSA nonce bias caused by truncation — wolfSSL | 4.1 | Medium | 2024-08-27 |
| CVE-2024-41952 | Zitadel has an "Ignoring unknown usernames" vulnerability — zitadel | 5.3 | Medium | 2024-07-31 |
| CVE-2024-31878 | IBM i information disclosure — i | 5.3 | Medium | 2024-06-07 |
| CVE-2024-5124 | Timing Attack Vulnerability in gaizhenbiao/chuanhuchatgpt — gaizhenbiao/chuanhuchatgpt | 7.4 (AI) | High (AI) | 2024-06-06 |
| CVE-2024-30257 | 1Panel's password verification is suspected to have a timing attack vulnerability — 1Panel | 3.9 | Low | 2024-04-18 |
| CVE-2024-2464 | Application users enumeration in CDeX — CDeX | 5.3 (AI) | Medium (AI) | 2024-03-21 |
| CVE-2024-0436 | Prevent timing attack for single-user password check — mintplex-labs/anything-llm | 6.7 | - | 2024-02-25 |
| CVE-2024-26268 | Liferay Portal and Liferay DXP security vulnerability — Portal | 5.3 | Medium | 2024-02-20 |
| CVE-2023-6935 | Marvin Attack vulnerability in SP Math All RSA — wolfSSL | 5.9 | Medium | 2024-02-09 |
| CVE-2023-51437 | Apache Pulsar: Timing attack in SASL token signature verification — Apache Pulsar | 7.4 | High | 2024-02-07 |
| CVE-2023-50782 | Python-cryptography: bleichenbacher timing oracle attack against rsa decryption - incomplete fix for cve-2020-25659 | 7.5 | High | 2024-02-05 |
| CVE-2023-50781 | M2crypto: bleichenbacher timing attacks in the rsa decryption api - incomplete fix for cve-2020-25657 | 7.5 | High | 2024-02-05 |
| CVE-2023-6240 | Kernel: marvin vulnerability side-channel leakage in the rsa decryption operation — Red Hat Enterprise Linux 8 | 6.5 | Medium | 2024-02-04 |
| CVE-2023-5992 | Opensc: side-channel leaks while stripping encryption pkcs#1 padding — Red Hat Enterprise Linux 8 | 5.6 | Medium | 2024-01-31 |
| CVE-2024-0914 | Opencryptoki: timing side-channel in handling of rsa pkcs#1 v1.5 padded ciphertexts (marvin) | 5.9 | Medium | 2024-01-31 |
| CVE-2024-0564 | Kernel: max page sharing of kernel samepage merging (ksm) may cause memory deduplication | 5.3 | Medium | 2024-01-30 |
| CVE-2024-23342 | python-ecdsa vulnerable to Minerva attack on P-256 — python-ecdsa | 7.4 | High | 2024-01-22 |
| CVE-2024-21484 | jsrsasign security vulnerability — jsrsasign | 7.5 | High | 2024-01-22 |
| CVE-2024-0553 | Gnutls: incomplete fix for cve-2023-5981 | 7.5 | High | 2024-01-16 |
| CVE-2023-46739 | Timing attack can leak user passwords — cubefs | 6.5 | Medium | 2024-01-03 |
| CVE-2023-50708 | yii2-authclient vulnerable to possible timing attack on string comparison in OAuth1, OAuth2 and OpenID Connect implementation — yii2-authclient | 6.1 | Medium | 2023-12-22 |
| CVE-2023-43623 | Siemens Mendix security vulnerability — Mendix Forgot Password (Mendix 10 compatible) | 5.3 | Medium | 2023-10-10 |
| CVE-2023-39522 | Username enumeration attack in goauthentik — authentik | 5.3 | Medium | 2023-08-29 |
| CVE-2023-33850 | IBM GSKit-Crypto information disclosure — TXSeries for Multiplatforms | 7.5 | High | 2023-08-22 |
| CVE-2023-40021 | Timing Attack Reveals CSRF Tokens in oppia — oppia | 5.3 | Medium | 2023-08-16 |
| CVE-2023-3462 | Vault's LDAP Auth Method Allows for User Enumeration — Vault | 5.3 | Medium | 2023-07-31 |
| CVE-2023-3897 | Bypassing CAPTCHA & Enumerating Usernames via Password Reset Page — SureMDM Onpremise | 4.8 | Medium | 2023-07-25 |

129 CVEs are classified as CWE-203 (Information Exposure Through Discrepancy). The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.