Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-24 | CVE-2021-41634 | Information Exposure Through Discrepancy vulnerability in Melag FTP Server 2.2.0.4 A user enumeration vulnerability in MELAG FTP Server 2.2.0.4 allows an attacker to identify valid FTP usernames. | 5.0 |
| 2022-06-23 | CVE-2022-34174 | Information Exposure Through Discrepancy vulnerability in Jenkins In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm. | 5.0 |
| 2022-06-15 | CVE-2022-24436 | Information Exposure Through Discrepancy vulnerability in Intel * Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access. | 4.0 |
| 2022-06-15 | CVE-2022-23823 | Information Exposure Through Discrepancy vulnerability in AMD products A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. | 4.0 |
| 2022-06-09 | CVE-2022-0823 | Information Exposure Through Discrepancy vulnerability in Zyxel products An improper control of interaction frequency vulnerability in Zyxel GS1200 series switches could allow a local attacker to guess the password by using a timing side-channel attack. | 2.1 |
| 2022-06-08 | CVE-2022-32273 | Information Exposure Through Discrepancy vulnerability in Opswat Metadefender As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server. | 4.0 |
| 2022-06-05 | CVE-2022-32296 | Information Exposure Through Discrepancy vulnerability in Linux Kernel The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. | 2.1 |
| 2022-05-20 | CVE-2022-29185 | Information Exposure Through Discrepancy vulnerability in Totp-Rs Project Totp-Rs totp-rs is a Rust library that permits the creation of 2FA authentification tokens per time-based one-time password (TOTP). | 3.5 |
| 2022-05-20 | CVE-2022-24043 | Information Exposure Through Discrepancy vulnerability in Siemens products A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884). | 5.0 |
| 2022-05-12 | CVE-2021-33149 | Information Exposure Through Discrepancy vulnerability in Intel products Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 2.1 |