Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-09-20 | CVE-2023-25529 | Information Exposure Through Discrepancy vulnerability in Nvidia DGX H100 Firmware NVIDIA DGX H100 BMC and DGX A100 BMC contains a vulnerability in the host KVM daemon, where an unauthenticated attacker may cause a leak of another user’s session token by observing timing discrepancies between server responses. | 8.1 |
| 2023-09-19 | CVE-2023-4095 | Information Exposure Through Discrepancy vulnerability in Fujitsu Arconte Aurea 1.5.0.0 User enumeration vulnerability in Arconte Áurea 1.5.0.0 version. | 5.3 |
| 2023-09-12 | CVE-2023-41885 | Information Exposure Through Discrepancy vulnerability in Piccolo-Orm Piccolo Piccolo is an ORM and query builder which supports asyncio. | 5.3 |
| 2023-09-04 | CVE-2023-3221 | Information Exposure Through Discrepancy vulnerability in Password Recovery Project Password Recovery 1.2 User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database. | 5.3 |
| 2023-08-28 | CVE-2023-40756 | Information Exposure Through Discrepancy vulnerability in PHPjabbers Callback Widget 1.0 User enumeration is found in PHPJabbers Callback Widget v1.0. | 9.8 |
| 2023-08-16 | CVE-2023-40021 | Information Exposure Through Discrepancy vulnerability in Oppia Oppia is an online learning platform. | 5.3 |
| 2023-08-16 | CVE-2023-40343 | Information Exposure Through Discrepancy vulnerability in Jenkins Tuleap Authentication Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token. | 5.9 |
| 2023-08-11 | CVE-2022-40982 | Information Exposure Through Discrepancy vulnerability in multiple products Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 6.5 |
| 2023-08-08 | CVE-2023-20569 | Information Exposure Through Discrepancy vulnerability in multiple products A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. | 4.7 |
| 2023-08-01 | CVE-2023-20583 | Information Exposure Through Discrepancy vulnerability in AMD * A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. | 4.7 |