EUVD-2026-20904

An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials...

CVE-2026-4113

An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials...

CVE-2025-12455

Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing. The vulnerability could lead to Password Brute Forcing in Vertica management console application.This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X...

Observable Response Discrepancy

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Observable Response Discrepancy in the router. An attacker can determine the existence of specific course IDs by analyzing the different responses returned for valid and invalid IDs. Remediation...

EUVD-2024-37323

Malicious code in bioql PyPI...

EUVD-2025-16124

Malicious code in bioql PyPI...

EUVD-2023-0914

Malicious code in bioql PyPI...

EUVD-2023-29945

Malicious code in bioql PyPI...

EUVD-2024-52568

Malicious code in bioql PyPI...

CVE-2025-9109 Portabilis i-Diario Password Recovery Endpoint email observable response discrepancy

A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this vulnerability is an unknown functionality of the file /password/email of the component Password Recovery Endpoint. The manipulation results in observable response discrepancy. It is possible to launch the...

CVE-2025-9109 Portabilis i-Diario Password Recovery Endpoint email observable response discrepancy

A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this vulnerability is an unknown functionality of the file /password/email of the component Password Recovery Endpoint. The manipulation results in observable response discrepancy. It is possible to launch the...

CVE-2024-54454

An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. An Observable Response Discrepancy vulnerability in the sendPasswordReinitLink action of the unlogged.do page allows remote attackers to test whether a username is valid or...

CVE-2023-1540

Observable Response Discrepancy in GitHub repository answerdev/answer prior to 1.0.6...

CVE-2022-45177

An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response Discrepancy can occur under the /api/v1/vdeskintegration/user/isenableuser endpoint, the /api/v1/sharedsearch?search=NAME+SURNAME endpoint, and the /login endpoint. The web application provides different...

CVE-2025-3939

Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: befo...

CVE-2025-3939 Observable Response Discrepancy

Observable Response Discrepancy vulnerability in Tridium Niagara Framework on Windows, Linux, QNX, Tridium Niagara Enterprise Security on Windows, Linux, QNX allows Cryptanalysis. This issue affects Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: befo...

CVE-2025-3939

CVE-2025-3939 describes an observable response discrepancy in Tridium Niagara Framework and Tridium Niagara Enterprise Security that could enable cryptanalysis. Affected software and versions include Niagara Framework: before 4.14.2, before 4.15.1, before 4.10.11; Niagara Enterprise Security: bef...

CVE-2025-1101

A CWE-204 "Observable Response Discrepancy" in the login page in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to enumerate valid usernames via crafted HTTP requests...

CVE-2025-1101

CVE-2025-1101 affects Q-Free MaxTime <= 2.11.0. A CWE-204 vulnerability in the login page allows an unauthenticated remote attacker to enumerate valid usernames via crafted HTTP requests. The issue is triggered by an observable response discrepancy in the authentication flow, enabling user enu...

CVE-2025-1101

A CWE-204 "Observable Response Discrepancy" in the login page in Q-Free MaxTime less than or equal to version 2.11.0 allows an unauthenticated remote attacker to enumerate valid usernames via crafted HTTP requests...