Falhas do tipo CWE-203
294 resultadosCVE-2022-40482MEDIUMThe authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be vulnerable to user enumeration via timeless timing aEPSS 0.9%CVE-2010-10006LOWmichaelliao jopenid OpenIdManager.java getAuthentication timing discrepancyEPSS 0.9%CVE-2024-0914MEDIUMOpencryptoki: timing side-channel in handling of rsa pkcs#1 v1.5 padded ciphertexts (marvin)EPSS 0.9%CVE-2025-41252HIGHUsername enumeration vulnerabilityEPSS 0.9%CVE-2023-1707HIGHCertain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled wEPSS 0.9%CVE-2023-26556CRITICALio.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it relies on the scalar-multiplication implemeEPSS 0.9%CVE-2023-26557HIGHio.finnet tss-lib before 2.0.0 can leak the lambda value of a private key via a timing side-channel attack because it relies on Go big.Int, EPSS 0.9%CVE-2023-33850HIGHIBM GSKit-Crypto information disclosureEPSS 0.9%CVE-2025-59716MEDIUMownCloud Guests before 0.12.5 allows unauthenticated user enumeration via the /apps/guests/register/{email}/{token} endpoint. Because of insEPSS 0.9%CVE-2021-3642—A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer maEPSS 0.8%CVE-2022-30332MEDIUMIn Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature provides different error messages for invalid rEPSS 0.8%CVE-2023-30458MEDIUMA username enumeration issue was discovered in Medicine Tracker System 1.0. The login functionality allows a malicious user to guess a validEPSS 0.8%CVE-2024-21210LOWVulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, EPSS 0.8%CVE-2020-26062MEDIUMCisco Integrated Management Controller Username Enumeration VulnerabilityEPSS 0.8%CVE-2024-45231MEDIUMAn issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view imEPSS 0.8%CVE-2022-29185MEDIUMObservable Timing Discrepancy in totp-rsEPSS 0.8%CVE-2022-23643MEDIUMSide-channel attack in Sourcegraph Code MonitorsEPSS 0.8%CVE-2022-46392MEDIUMAn issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory EPSS 0.8%CVE-2021-33845MEDIUMUsername enumeration through lockout message in REST APIEPSS 0.8%CVE-2023-33741HIGHMacrovideo v380pro v1.4.97 shares the device id and password when sharing the device.EPSS 0.8%