Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

929 matches found

NVD
NVDadded 2025/08/18 6:15 a.m.6 views

CVE-2025-9109

A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this vulnerability is an unknown functionality of the file /password/email of the component Password Recovery Endpoint. The manipulation results in observable response discrepancy. It is possible to launch the...

6.3CVSS0.00046EPSS
Exploits0References3
Vulnrichment
Vulnrichmentadded 2025/08/18 6:2 a.m.3 views

CVE-2025-9109 Portabilis i-Diario Password Recovery Endpoint email observable response discrepancy

A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this vulnerability is an unknown functionality of the file /password/email of the component Password Recovery Endpoint. The manipulation results in observable response discrepancy. It is possible to launch the...

6.3CVSS7.1AI score0.00046EPSS
Exploits0References3
Cvelist
Cvelistadded 2025/08/18 6:2 a.m.12 views

CVE-2025-9109 Portabilis i-Diario Password Recovery Endpoint email observable response discrepancy

A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this vulnerability is an unknown functionality of the file /password/email of the component Password Recovery Endpoint. The manipulation results in observable response discrepancy. It is possible to launch the...

6.3CVSS0.00046EPSS
Exploits0References3
CVE
CVEadded 2025/08/18 6:2 a.m.21 views

CVE-2025-9109

CVE-2025-9109 affects Portabilis i-Diario up to version 1.5.0, specifically the Password Recovery Endpoint at /password/email. The issue is a discrepancy in responses that can be exploited remotely, with high complexity, and an exploit has been publicly released. Multiple connected sources corrob...

6.3CVSS7.1AI score0.00046EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologiesadded 2025/08/18 12:0 a.m.6 views

PT-2025-33638 · Portabilis · Portabilis I-Diario

Name of the Vulnerable Software and Affected Versions: Portabilis i-Diario versions prior to 1.5.1 Description: A security flaw has been discovered in Portabilis i-Diario. The vulnerability affects an unknown functionality of the file /password/email within the Password Recovery Endpoint componen...

6.3CVSS4AI score0.00046EPSS
Exploits0References8
RedhatCVE
RedhatCVEadded 2025/08/14 6:24 p.m.3 views

CVE-2025-20067

Observable timing discrepancy in firmware for some IntelR CSME and IntelR SPS may allow a privileged user to potentially enable information disclosure via local access...

6.8CVSS6.6AI score0.00097EPSS
Exploits0References1
CVE
CVEadded 2025/08/12 4:58 p.m.14 views

CVE-2025-20067

CVE-2025-20067 describes an observable timing discrepancy in firmware for Intel® CSME and Intel® SPS that may allow a privileged local attacker to disclose information. Connected sources confirm this as a firmware-level issue affecting Intel CSME/SPS (and related components in the Intel security ...

6.8CVSS6.6AI score0.00097EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/08/12 4:58 p.m.2 views

CVE-2025-20067

Observable timing discrepancy in firmware for some IntelR CSME and IntelR SPS may allow a privileged user to potentially enable information disclosure via local access...

6.8CVSS6.6AI score0.00097EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/08/12 4:58 p.m.6 views

CVE-2025-20067

Observable timing discrepancy in firmware for some IntelR CSME and IntelR SPS may allow a privileged user to potentially enable information disclosure via local access...

6.8CVSS0.00097EPSS
Exploits0References1
OSV
OSVadded 2025/08/11 5:24 p.m.2 views

GO-2025-3839 Hashicorp Vault has an Observable Discrepancy on Existing and Non-Existing Users in github.com/hashicorp/vault

Hashicorp Vault has an Observable Discrepancy on Existing and Non-Existing Users in github.com/hashicorp/vault...

3.7CVSS7.2AI score0.00123EPSS
Exploits0References3
OSV
OSVadded 2025/08/09 9:15 p.m.2 views

CVE-2025-8774

A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this...

4.7CVSS5.7AI score
Exploits0References4
NVD
NVDadded 2025/08/09 9:15 p.m.4 views

CVE-2025-8774

A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this...

4.7CVSS0.00081EPSS
Exploits0References4
CVE
CVEadded 2025/08/09 8:32 p.m.19 views

CVE-2025-8774

CVE-2025-8774 affects riscv-boom SonicBOOM up to version 2.2.3. The vulnerability is in the L1 Data Cache Handler, where manipulation causes observable timing discrepancies. Exploitation requires local access and is described as high attack complexity; vendor response has been absent. Public sour...

4.7CVSS7AI score0.00081EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2025/08/09 8:32 p.m.10 views

CVE-2025-8774 riscv-boom SonicBOOM L1 Data Cache timing discrepancy

A vulnerability has been found in riscv-boom SonicBOOM up to 2.2.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component L1 Data Cache Handler. The manipulation leads to observable timing discrepancy. Local access is required to approach this...

2.5CVSS0.00081EPSS
Exploits0References4
RedhatCVE
RedhatCVEadded 2025/08/08 11:30 a.m.3 views

CVE-2025-46390

CWE-204: Observable Response Discrepancy...

7.5CVSS6.5AI score0.00307EPSS
Exploits0References1
CVE
CVEadded 2025/08/06 10:55 a.m.12 views

CVE-2025-46390

Technical details for CVE-2025-46390 are not publicly available in the provided documents. No specific affected product/version, root cause, impact, or fix is listed here; monitor for updates.

7.5CVSS6.5AI score0.00307EPSS
Exploits0References1
Cvelist
Cvelistadded 2025/08/06 10:55 a.m.4 views

CVE-2025-46390

CWE-204: Observable Response Discrepancy...

7.5CVSS0.00307EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2025/08/06 10:55 a.m.2 views

CVE-2025-46390

CWE-204: Observable Response Discrepancy...

7.5CVSS6.5AI score0.00307EPSS
Exploits0References1
Snyk
Snykadded 2025/08/06 7:42 a.m.3 views

Race Condition

Overview shopware/shopware is an open source e-commerce software made in Germany Affected versions of this package are vulnerable to Race Condition due to the checkout process. An attacker can bypass intended restrictions and redeem vouchers beyond their allowed usage by exploiting timing...

8.1CVSS6.9AI score0.00252EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/08/06 12:0 a.m.3 views

PT-2025-32156 · Emby · Mediabrowser

Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: The vulnerability involves an observable response discrepancy. This issue relates to a mismatch in the expected and actual responses from a system or application. Recommendations: At the moment,...

7.5CVSS6.4AI score0.00307EPSS
Exploits0References4
Rows per page
Query Builder