Vulnerabilities > Information Exposure Through Discrepancy

DATE CVE VULNERABILITY TITLE RISK
2022-06-24 CVE-2021-41634 Information Exposure Through Discrepancy vulnerability in Melag FTP Server 2.2.0.4
A user enumeration vulnerability in MELAG FTP Server 2.2.0.4 allows an attacker to identify valid FTP usernames.
network
low complexity
melag CWE-203
5.0
2022-06-23 CVE-2022-34174 Information Exposure Through Discrepancy vulnerability in Jenkins
In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm.
network
low complexity
jenkins CWE-203
5.0
2022-06-15 CVE-2022-24436 Information Exposure Through Discrepancy vulnerability in Intel *
Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access.
network
low complexity
intel CWE-203
4.0
2022-06-15 CVE-2022-23823 Information Exposure Through Discrepancy vulnerability in AMD products
A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.
network
low complexity
amd CWE-203
4.0
2022-06-09 CVE-2022-0823 Information Exposure Through Discrepancy vulnerability in Zyxel products
An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could allow a local attacker to guess the password by using a timing side-channel attack.
local
low complexity
zyxel CWE-203
2.1
2022-06-08 CVE-2022-32273 Information Exposure Through Discrepancy vulnerability in Opswat Metadefender
As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server.
network
low complexity
opswat CWE-203
4.0
2022-06-05 CVE-2022-32296 Information Exposure Through Discrepancy vulnerability in Linux Kernel
The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used.
local
low complexity
linux CWE-203
2.1
2022-05-20 CVE-2022-29185 Information Exposure Through Discrepancy vulnerability in Totp-Rs Project Totp-Rs
totp-rs is a Rust library that permits the creation of 2FA authentification tokens per time-based one-time password (TOTP).
3.5
2022-05-20 CVE-2022-24043 Information Exposure Through Discrepancy vulnerability in Siemens products
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884).
network
low complexity
siemens CWE-203
5.0
2022-05-12 CVE-2021-33149 Information Exposure Through Discrepancy vulnerability in Intel products
Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-203
2.1