Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-03 | CVE-2020-9389 | Information Exposure Through Discrepancy vulnerability in Squaredup A username enumeration issue was discovered in SquaredUp before version 4.6.0. | 4.3 |
| 2021-01-08 | CVE-2020-28208 | Information Exposure Through Discrepancy vulnerability in Rocket.Chat An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1. | 5.0 |
| 2021-01-07 | CVE-2021-3011 | Information Exposure Through Discrepancy vulnerability in multiple products An electromagnetic-wave side-channel issue was discovered on NXP SmartMX / P5x security microcontrollers and A7x secure authentication microcontrollers, with CryptoLib through v2.9. | 1.9 |
| 2020-12-21 | CVE-2020-35624 | Information Exposure Through Discrepancy vulnerability in Mediawiki An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. | 5.0 |
| 2020-12-15 | CVE-2020-29480 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 2.1 |
| 2020-12-14 | CVE-2020-0464 | Information Exposure Through Discrepancy vulnerability in Google Android 10.0 In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure. | 2.1 |
| 2020-11-12 | CVE-2020-12912 | Information Exposure Through Discrepancy vulnerability in AMD Energy Driver for Linux A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks. | 2.1 |
| 2020-11-10 | CVE-2020-28368 | Information Exposure Through Discrepancy vulnerability in multiple products Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. | 2.1 |
| 2020-11-02 | CVE-2020-26939 | Information Exposure Through Discrepancy vulnerability in Bouncycastle Legion-Of-The-Bouncy-Castle In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. | 5.0 |
| 2020-10-21 | CVE-2020-3585 | Information Exposure Through Discrepancy vulnerability in Cisco products A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. | 4.3 |