Vulnerabilities > Information Exposure Through Discrepancy

DATE CVE VULNERABILITY TITLE RISK
2025-03-18 CVE-2025-1468 An unauthenticated remote attacker can gain access to sensitive information including authentication information when using CODESYS OPC UA Server with the non-default Basic128Rsa15 security policy.
network
low complexity
CWE-203
7.5
2025-03-11 CVE-2024-41760 IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an attacker to obtain sensitive information due to a timing attack during certain RSA operations.
network
high complexity
CWE-203
3.7
2025-02-11 CVE-2023-37482 The login functionality of the web server in affected devices does not normalize the response times of login attempts.
network
low complexity
CWE-203
5.3
2025-01-31 CVE-2024-45089 Information Exposure Through Discrepancy vulnerability in IBM Sterling B2B Integrator
IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an observable discrepancy.
network
low complexity
ibm CWE-203
4.3
2025-01-21 CVE-2025-24011 Information Exposure Through Discrepancy vulnerability in Umbraco CMS
Umbraco is a free and open source .NET content management system.
network
low complexity
umbraco CWE-203
5.3
2025-01-14 CVE-2024-36510 Information Exposure Through Discrepancy vulnerability in Fortinet Forticlientems and Fortisoar
An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to enumerate valid users via observing login request responses.
network
low complexity
fortinet CWE-203
5.3
2024-11-05 CVE-2024-50102 Information Exposure Through Discrepancy vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Lite(tm)" issue with non-canonical accesses in kernel space.
local
low complexity
linux CWE-203
5.5
2024-11-05 CVE-2024-51739 Information Exposure Through Discrepancy vulnerability in Combodo Itop
Combodo iTop is a simple, web based IT Service Management tool.
network
low complexity
combodo CWE-203
5.3
2024-11-01 CVE-2024-41741 Information Exposure Through Discrepancy vulnerability in IBM Txseries for Multiplatforms 10.1
IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to an observable timing discrepancy which could be used in further attacks against the system.
network
low complexity
ibm CWE-203
5.3
2024-10-29 CVE-2024-10463 Information Exposure Through Discrepancy vulnerability in Mozilla Thunderbird
Video frames could have been leaked between origins in some situations.
network
low complexity
mozilla CWE-203
6.5