Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-16 | CVE-2023-40021 | Information Exposure Through Discrepancy vulnerability in Oppia Oppia is an online learning platform. | 5.3 |
| 2023-08-16 | CVE-2023-40343 | Information Exposure Through Discrepancy vulnerability in Jenkins Tuleap Authentication Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token. | 5.9 |
| 2023-08-11 | CVE-2022-40982 | Information Exposure Through Discrepancy vulnerability in multiple products Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 6.5 |
| 2023-08-08 | CVE-2023-20569 | Information Exposure Through Discrepancy vulnerability in multiple products A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. | 4.7 |
| 2023-08-01 | CVE-2023-20583 | Information Exposure Through Discrepancy vulnerability in AMD * A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. | 4.7 |
| 2023-07-31 | CVE-2023-3462 | Information Exposure Through Discrepancy vulnerability in Hashicorp Vault 1.13.0/1.13.4/1.14.0 HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. | 5.3 |
| 2023-07-30 | CVE-2023-37217 | Information Exposure Through Discrepancy vulnerability in Tadirantele Aeonix Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy | 5.3 |
| 2023-07-25 | CVE-2023-3897 | Information Exposure Through Discrepancy vulnerability in 42Gears Suremdm 6.31 Username enumeration is possible through Bypassing CAPTCHA in On-premise SureMDM Solution on Windows deployment allows attacker to enumerate local user information via error message. This issue affects SureMDM On-premise: 6.31 and below version | 5.3 |
| 2023-07-24 | CVE-2023-3640 | Information Exposure Through Discrepancy vulnerability in multiple products A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. | 7.8 |
| 2023-07-11 | CVE-2023-20575 | Information Exposure Through Discrepancy vulnerability in AMD products A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information. | 6.5 |