Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-10 | CVE-2020-25082 | Information Exposure Through Discrepancy vulnerability in Nuvoton Npct75X Firmware An attacker with physical access to Nuvoton Trusted Platform Module (NPCT75x 7.2.x before 7.2.2.0) could extract an Elliptic Curve Cryptography (ECC) private key via a side-channel attack against ECDSA, because of an Observable Timing Discrepancy. | 1.9 |
| 2021-08-08 | CVE-2021-38209 | Information Exposure Through Discrepancy vulnerability in Linux Kernel net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. | 2.1 |
| 2021-08-05 | CVE-2021-3642 | Information Exposure Through Discrepancy vulnerability in Redhat products A flaw was found in Wildfly Elytron in versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final where ScramServer may be susceptible to Timing Attack if enabled. | 3.5 |
| 2021-08-02 | CVE-2021-34575 | Information Exposure Through Discrepancy vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24 In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0 an unauthenticated user can enumerate valid users by checking what kind of response the server sends. | 5.0 |
| 2021-08-02 | CVE-2021-34556 | Information Exposure Through Discrepancy vulnerability in multiple products In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. | 2.1 |
| 2021-08-02 | CVE-2021-35477 | Information Exposure Through Discrepancy vulnerability in multiple products In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value. | 2.1 |
| 2021-07-30 | CVE-2021-20113 | Information Exposure Through Discrepancy vulnerability in Tecnick Tcexam An exposure of sensitive information vulnerability exists in TCExam <= 14.8.1. | 5.0 |
| 2021-07-19 | CVE-2020-36421 | Information Exposure Through Discrepancy vulnerability in ARM Mbed TLS An issue was discovered in Arm Mbed TLS before 2.23.0. | 5.0 |
| 2021-07-19 | CVE-2020-36422 | Information Exposure Through Discrepancy vulnerability in ARM Mbed TLS An issue was discovered in Arm Mbed TLS before 2.23.0. | 5.0 |
| 2021-07-19 | CVE-2020-36424 | Information Exposure Through Discrepancy vulnerability in ARM Mbed TLS An issue was discovered in Arm Mbed TLS before 2.24.0. | 1.9 |