Vulnerabilities > Information Exposure Through Discrepancy

DATE CVE VULNERABILITY TITLE RISK
2024-11-18 CVE-2020-26062 A vulnerability in Cisco Integrated Management Controller could allow an unauthenticated, remote attacker to enumerate valid usernames within the vulnerable application. The vulnerability is due to differences in authentication responses sent back from the application as part of an authentication attempt.
network
low complexity
CWE-203
5.3
2024-11-05 CVE-2024-50102 Information Exposure Through Discrepancy vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved:
x86: fix user address masking non-canonical speculation issue
It turns out that AMD has a "Meltdown Lite(tm)" issue with non-canonical accesses in kernel space.
local
low complexity
linux CWE-203
5.5
2024-11-05 CVE-2024-51739 Information Exposure Through Discrepancy vulnerability in Combodo Itop
Combodo iTop is a simple, web based IT Service Management tool.
network
low complexity
combodo CWE-203
5.3
2024-11-01 CVE-2024-41741 Information Exposure Through Discrepancy vulnerability in IBM Txseries for Multiplatforms 10.1
IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to an observable timing discrepancy which could be used in further attacks against the system.
network
low complexity
ibm CWE-203
5.3
2024-10-29 CVE-2024-10463 Information Exposure Through Discrepancy vulnerability in Mozilla Thunderbird
Video frames could have been leaked between origins in some situations.
network
low complexity
mozilla CWE-203
6.5
2024-10-29 CVE-2024-7010 Information Exposure Through Discrepancy vulnerability in Mudler Localai 2.17.1
mudler/localai version 2.17.1 is vulnerable to a Timing Attack.
network
high complexity
mudler CWE-203
5.9
2024-10-24 CVE-2024-49358 Information Exposure Through Discrepancy vulnerability in Zimaspace Zimaos
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI.
network
low complexity
zimaspace CWE-203
5.3
2024-10-21 CVE-2024-47678 Information Exposure Through Discrepancy vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved:
icmp: change the order of rate limits
ICMP messages are ratelimited:
After the blamed commits, the two rate limiters are applied in this order:
1) host wide ratelimit (icmp_global_allow())
2) Per destination ratelimit (inetpeer based)
In order to avoid side-channel attacks, we need to apply the per destination check first.
This patch makes the following change:
1) icmp_global_allow() checks if the host wide limit is reached. But credits are not yet consumed.
local
low complexity
linux CWE-203
5.5
2024-10-10 CVE-2024-47869 Information Exposure Through Discrepancy vulnerability in Gradio Project Gradio
Gradio is an open-source Python package designed for quick prototyping.
network
high complexity
gradio-project CWE-203
3.7
2024-10-04 CVE-2024-9513 Information Exposure Through Discrepancy vulnerability in Netadmin IAM
A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic.
network
high complexity
netadmin CWE-203
3.7