Vulnerabilities > Information Exposure Through Discrepancy

DATE CVE VULNERABILITY TITLE RISK
2024-11-05 CVE-2024-50102 Information Exposure Through Discrepancy vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: x86: fix user address masking non-canonical speculation issue It turns out that AMD has a "Meltdown Lite(tm)" issue with non-canonical accesses in kernel space.
local
low complexity
linux CWE-203
5.5
2024-11-05 CVE-2024-51739 Information Exposure Through Discrepancy vulnerability in Combodo Itop
Combodo iTop is a simple, web based IT Service Management tool.
network
low complexity
combodo CWE-203
5.3
2024-11-01 CVE-2024-41741 Information Exposure Through Discrepancy vulnerability in IBM Txseries for Multiplatforms 10.1
IBM TXSeries for Multiplatforms 10.1 could allow an attacker to determine valid usernames due to an observable timing discrepancy which could be used in further attacks against the system.
network
low complexity
ibm CWE-203
5.3
2024-10-29 CVE-2024-10463 Information Exposure Through Discrepancy vulnerability in Mozilla Thunderbird
Video frames could have been leaked between origins in some situations.
network
low complexity
mozilla CWE-203
6.5
2024-10-29 CVE-2024-7010 Information Exposure Through Discrepancy vulnerability in Mudler Localai 2.17.1
mudler/localai version 2.17.1 is vulnerable to a Timing Attack.
network
high complexity
mudler CWE-203
5.9
2024-10-24 CVE-2024-49358 Information Exposure Through Discrepancy vulnerability in Zimaspace Zimaos
ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI.
network
low complexity
zimaspace CWE-203
5.3
2024-10-21 CVE-2024-47678 Information Exposure Through Discrepancy vulnerability in Linux Kernel
In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of rate limits ICMP messages are ratelimited : After the blamed commits, the two rate limiters are applied in this order: 1) host wide ratelimit (icmp_global_allow()) 2) Per destination ratelimit (inetpeer based) In order to avoid side-channels attacks, we need to apply the per destination check first. This patch makes the following change : 1) icmp_global_allow() checks if the host wide limit is reached. But credits are not yet consumed.
local
low complexity
linux CWE-203
5.5
2024-10-10 CVE-2024-47869 Information Exposure Through Discrepancy vulnerability in Gradio Project Gradio
Gradio is an open-source Python package designed for quick prototyping.
network
high complexity
gradio-project CWE-203
3.7
2024-10-04 CVE-2024-9513 Information Exposure Through Discrepancy vulnerability in Netadmin IAM
A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic.
network
high complexity
netadmin CWE-203
3.7
2024-09-26 CVE-2024-41715 Information Exposure Through Discrepancy vulnerability in Gotenna Atak Plugin
The goTenna Pro ATAK Plugin does not inject extra characters into broadcasted frames to obfuscate the length of messages.
low complexity
gotenna CWE-203
4.3