85 matches found
Siemens SIMATIC S7-1500 Observable Discrepancy (CVE-2023-5981)
A vulnerability was found in which response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times for ciphertexts with correct PKCS1 v1.5 padding. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
Siemens SIMATIC S7-1500 Observable Discrepancy (CVE-2019-13627)
It was discovered that there was an ECDSA timing attack in the libgcrypt20 cryptographic library. Versions affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versions fixed: 1.8.5-2 and 1.6.3-2+deb8u7. This plugin only works with Tenable.ot. Please visit...
Siemens SIMATIC S7-1500 Observable Discrepancy (CVE-2020-14145)
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client. NOTE: some reports...
CVE-2025-11145
Observable Discrepancy, Exposure of Sensitive Information to an Unauthorized Actor, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in CBK Soft Software Hardware Electronic Computer Systems Industry and Trade Inc. EnVision allows Account Footprinting. This issue...
EUVD-2022-1157
Malicious code in bioql PyPI...
EUVD-2024-0416
Malicious code in bioql PyPI...
EUVD-2024-47276
Malicious code in bioql PyPI...
EUVD-2025-16161
Malicious code in bioql PyPI...
PT-2025-33638 · Portabilis · Portabilis I-Diario
Name of the Vulnerable Software and Affected Versions: Portabilis i-Diario versions prior to 1.5.1 Description: A security flaw has been discovered in Portabilis i-Diario. The vulnerability affects an unknown functionality of the file /password/email within the Password Recovery Endpoint componen...
GO-2025-3839 Hashicorp Vault has an Observable Discrepancy on Existing and Non-Existing Users in github.com/hashicorp/vault
Hashicorp Vault has an Observable Discrepancy on Existing and Non-Existing Users in github.com/hashicorp/vault...
PT-2025-32156 · Emby · Mediabrowser
Name of the Vulnerable Software and Affected Versions: affected versions not specified Description: The vulnerability involves an observable response discrepancy. This issue relates to a mismatch in the expected and actual responses from a system or application. Recommendations: At the moment,...
Observable Discrepancy
Overview: Affected versions of this package are vulnerable to Observable Discrepancy via userpass auth method. An attacker can enumerate valid usernames on this auth method through brute force or a list of known usernames. Workaround: This issue can be partially mitigated by using rate-limit quotas...
CVE-2025-23182
CWE-203: Observable Discrepancy...
CVE-2025-23182 UBtech – CWE-203: Observable Discrepancy
CWE-203: Observable Discrepancy...
CVE-2025-23182
CVE-2025-23182 relates to UBtech Freepass, with evidence across multiple sources indicating an observable discrepancy that may lead to information disclosure. Connected documents identify the affected software as UBtech Freepass and cite version 1.3.1807.1500 (CNNVD-202505-3321). The CVE entry it...
PT-2025-22498 · Ubtech +1 · Freepass +1
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: The issue is related to an observable discrepancy, which may allow for information disclosure. No specific details about affected devices or real-world incidents are provided. Recommendation...
CVE-2025-48015 Observable Response Discrepancy
Failed login response could be different depending on whether the username was local or central...
Observable Response Discrepancy
Overview: Affected versions of this package are vulnerable to Observable Response Discrepancy due to the timing analysis of post-login API responses. An attacker can determine if a specific user account exists by observing the response times. Remediation: Upgrade Umbraco.Cms.Core to version 10.8.10...