reconnecting

Dashboard Threats Map Feeds Pricing View Plans & Pricing

reconnecting

Threats Tagged 'cwe-203'

View all threats tagged with 'cwe-203'. Filter and sort to focus on specific types of threats.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Filter Threats

Narrow down the results by type, severity, or affected countries

Type

Severity

Country

Tag

Time Range

Sort By

Active filters (1):Tag: cwe-203

Threats Tagged 'cwe-203'

Click on any threat for detailed analysis and mitigation recommendations


CVE-2024-43546: CWE-203: Observable Discrepancy in Microsoft Windows 10 Version 21H2CVE-2024-43546 0 Windows Cryptographic Information Disclosure Vulnerability MediumVulnerability#gcve #cve-2024-43546 #cwe-203 Join the discussion	GCVE Database	10/08/2024, 17:35:57 UTC Added: 06/09/2026, 19:18:53 UTC
CVE-2026-45294: CWE-203: Observable Discrepancy in freescout-help-desk freescoutCVE-2026-45294 0 FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.219, the password reset endpoint returns visually distinct responses depending on whether the submitted email address belongs to an existing user account, allowing unauthenticated attackers to enumerate valid helpdesk agent email addresses. This vulnerability is fixed in 1.8.219. MediumVulnerability#gcve #cve-2026-45294 #cwe-203 Join the discussion	GCVE Database	05/29/2026, 19:52:22 UTC Added: 05/29/2026, 21:01:40 UTC
CVE-2026-45410: CWE-203: Observable Discrepancy in mauriceboe TREKCVE-2026-45410 0 TREK is a collaborative travel planner. Prior to 3.0.18, early return on missing user during login flow allowed an attacker to enumerate valid user accounts via response timing discrepancy. When an email address existed in the database, the backend performed a bcrypt password comparison before returning a 401 Unauthorized, adding ~370 ms of latency. When the email did not exist, the backend returned immediately (~10 ms). This ~14× timing difference could be detected without any difference in HTTP status codes or response bodies. This vulnerability is fixed in 3.0.18. MediumVulnerability#cve #cve-2026-45410 #cwe-203 Join the discussion	CVE Database V5	05/28/2026, 21:23:01 UTC Added: 05/28/2026, 22:18:34 UTC

Showing 1 to 3 of 3 results

Filters:Tag: cwe-203

Page 1 of 1

OffSeq TrainingCredly Certified

Lead Pen Test Professional

Technical5-day eLearningPECB Accredited