Vulnerabilities > Information Exposure Through Discrepancy
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2025-03-18 | CVE-2025-1468 | An unauthenticated remote attacker can gain access to sensitive information including authentication information when using CODESYS OPC UA Server with the non-default Basic128Rsa15 security policy. | 7.5 |
2025-03-11 | CVE-2024-41760 | IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an attacker to obtain sensitive information due to a timing attack during certain RSA operations. | 3.7 |
2025-02-11 | CVE-2023-37482 | The login functionality of the web server in affected devices does not normalize the response times of login attempts. | 5.3 |
2025-01-31 | CVE-2024-45089 | Information Exposure Through Discrepancy vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.5 and 6.2.0.0 through 6.2.0.3 Standard Edition EBICS server could allow an authenticated user to obtain sensitive filename information due to an observable discrepancy. | 4.3 |
2025-01-21 | CVE-2025-24011 | Information Exposure Through Discrepancy vulnerability in Umbraco CMS Umbraco is a free and open source .NET content management system. | 5.3 |
2025-01-14 | CVE-2024-36510 | Information Exposure Through Discrepancy vulnerability in Fortinet Forticlientems and Fortisoar An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to enumerate valid users via observing login request responses. | 5.3 |
2024-11-05 | CVE-2024-50102 | Information Exposure Through Discrepancy vulnerability in Linux Kernel In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Lite(tm)" issue with non-canonical accesses in kernel space. | 5.5 |
2024-11-05 | CVE-2024-51739 | Information Exposure Through Discrepancy vulnerability in Combodo Itop Combodo iTop is a simple, web based IT Service Management tool. | 5.3 |
2024-11-01 | CVE-2024-41741 | Information Exposure Through Discrepancy vulnerability in IBM Txseries for Multiplatforms 10.1 IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to an observable timing discrepancy which could be used in further attacks against the system. | 5.3 |
2024-10-29 | CVE-2024-10463 | Information Exposure Through Discrepancy vulnerability in Mozilla Thunderbird Video frames could have been leaked between origins in some situations. | 6.5 |