Vulnerabilities > Information Exposure Through Discrepancy

DATE CVE VULNERABILITY TITLE RISK
2021-08-10 CVE-2020-25082 Information Exposure Through Discrepancy vulnerability in Nuvoton Npct75X Firmware
An attacker with physical access to Nuvoton Trusted Platform Module (NPCT75x 7.2.x before 7.2.2.0) could extract an Elliptic Curve Cryptography (ECC) private key via a side-channel attack against ECDSA, because of an Observable Timing Discrepancy.
1.9
2021-08-08 CVE-2021-38209 Information Exposure Through Discrepancy vulnerability in Linux Kernel
net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces.
local
low complexity
linux CWE-203
2.1
2021-08-05 CVE-2021-3642 Information Exposure Through Discrepancy vulnerability in Redhat products
A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled.
network
redhat CWE-203
3.5
2021-08-02 CVE-2021-34575 Information Exposure Through Discrepancy vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24
In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can enumerate valid users by checking what kind of response the server sends.
network
low complexity
mbconnectline CWE-203
5.0
2021-08-02 CVE-2021-34556 Information Exposure Through Discrepancy vulnerability in multiple products
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.
local
low complexity
linux fedoraproject CWE-203
2.1
2021-08-02 CVE-2021-35477 Information Exposure Through Discrepancy vulnerability in multiple products
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.
local
low complexity
linux fedoraproject CWE-203
2.1
2021-07-30 CVE-2021-20113 Information Exposure Through Discrepancy vulnerability in Tecnick Tcexam
An exposure of sensitive information vulnerability exists in TCExam <= 14.8.1.
network
low complexity
tecnick CWE-203
5.0
2021-07-19 CVE-2020-36421 Information Exposure Through Discrepancy vulnerability in ARM Mbed TLS
An issue was discovered in Arm Mbed TLS before 2.23.0.
network
low complexity
arm CWE-203
5.0
2021-07-19 CVE-2020-36422 Information Exposure Through Discrepancy vulnerability in ARM Mbed TLS
An issue was discovered in Arm Mbed TLS before 2.23.0.
network
low complexity
arm CWE-203
5.0
2021-07-19 CVE-2020-36424 Information Exposure Through Discrepancy vulnerability in ARM Mbed TLS
An issue was discovered in Arm Mbed TLS before 2.24.0.
local
arm CWE-203
1.9