Vulnerabilities > Information Exposure Through Discrepancy

DATE CVE VULNERABILITY TITLE RISK
2023-07-10 CVE-2023-35698 Information Exposure Through Discrepancy vulnerability in Sick Icr890-4 Firmware
Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt.
network
low complexity
sick CWE-203
5.3
2023-07-05 CVE-2023-3336 Information Exposure Through Discrepancy vulnerability in Moxa Tn-5900 Firmware 3.1/3.2/3.3
TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability.
network
low complexity
moxa CWE-203
5.3
2023-06-12 CVE-2023-34344 Information Exposure Through Discrepancy vulnerability in AMI Megarac Sp-X
AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username, which may lead to information disclosure.
network
low complexity
ami CWE-203
5.3
2023-05-30 CVE-2023-32342 Information Exposure Through Discrepancy vulnerability in IBM Http Server
IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation.
network
low complexity
ibm CWE-203
7.5
2023-05-30 CVE-2023-31186 Information Exposure Through Discrepancy vulnerability in Avaya IX Workforce Engagement 15.2.7.1195
Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy
network
low complexity
avaya CWE-203
5.3
2023-05-30 CVE-2023-32691 Information Exposure Through Discrepancy vulnerability in GO Simple Tunnel Project GO Simple Tunnel
gost (GO Simple Tunnel) is a simple tunnel written in golang.
network
high complexity
go-simple-tunnel-project CWE-203
5.9
2023-05-25 CVE-2023-32694 Information Exposure Through Discrepancy vulnerability in Saleor
Saleor Core is a composable, headless commerce API.
network
low complexity
saleor CWE-203
5.4
2023-05-22 CVE-2023-28412 Information Exposure Through Discrepancy vulnerability in Snapone Orvc
When supplied with a random MAC address, Snap One OvrC cloud servers will return information about the device.
network
low complexity
snapone CWE-203
5.3
2023-05-15 CVE-2023-23449 Information Exposure Through Discrepancy vulnerability in Sick products
Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface.
network
low complexity
sick CWE-203
5.3
2023-04-25 CVE-2022-40482 Information Exposure Through Discrepancy vulnerability in Laravel Framework
The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be vulnerable to user enumeration via timeless timing attacks with HTTP/2 multiplexing.
network
low complexity
laravel CWE-203
5.3