CVE-2025-25236

Omnissa Workspace ONE UEM contains an observable response discrepancy vulnerability. A malicious actor may be able to enumerate sensitive information such as tenant ID and user accounts that could facilitate brute-force, password-spraying or credential-stuffing attacks...

EUVD-2020-22853

Malware in sbrugna...

EUVD-2020-22855

Malware in sbrugna...

CVE-2025-46390

Technical details for CVE-2025-46390 are not publicly available in the provided documents. No specific affected product/version, root cause, impact, or fix is listed here; monitor for updates.

CVE-2025-46390

CWE-204: Observable Response Discrepancy...

CVE-2023-51437

This CVE (CVE-2023-51437) concerns an observable timing discrepancy in the Apache Pulsar SASL Authentication Provider that could allow forging a SASL Role Token passing signature verification. Affected products/components include Pulsar Broker, Proxy, Websocket Proxy, and Function Worker. Root ca...

CVE-2020-29506

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability...

CVE-2020-35168

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability...

CVE-2020-35166

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability...

CVE-2020-35164

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability...

CVE-2020-29506

Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Observable Timing Discrepancy Vulnerability...

Magento Signature verification bypass

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have an observable timing discrepancy vulnerability. Successful exploitation could lead to signature verification bypass...

PT-2021-19754 · Qsan · Qsan Storage Manager

Name of the Vulnerable Software and Affected Versions: QSAN Storage Manager affected versions not specified Description: The issue allows remote attackers to obtain system information without permissions due to an observable behavioral discrepancy vulnerability. Recommendations: Contact QSAN and...

Authentication flaw

An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management WBM web application on WAGO PFC100/200 controllers. The WBM application makes use of the PHP crypt function which can be exploited to disclose hashed user credentials. This affec...

WAGO PFC100/200 Web-Based Management (WBM) Authentication Timing Information Disclosure Vulnerability

Summary An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management WBM web application on WAGO PFC100/200 controllers. The WBM application makes use of the PHP crypt function which can be exploited to disclose hashed user credentials...

CVE-2019-3731

RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. A malicious remote user could potentially exploit this vulnerability to extract information leaving data at risk of...

Information disclosure

An Information Exposure through Discrepancy vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where the web server sends different responses in a way that exposes security-relevant information about the state of the product, such as whether...

CVE-2018-7812

An Information Exposure through Discrepancy vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where the web server sends different responses in a way that exposes security-relevant information about the state of the product, such as whether...