Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-07-31 | CVE-2023-3462 | Information Exposure Through Discrepancy vulnerability in Hashicorp Vault 1.13.0/1.13.4/1.14.0 HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. | 5.3 |
| 2023-07-30 | CVE-2023-37217 | Information Exposure Through Discrepancy vulnerability in Tadirantele Aeonix Tadiran Telecom Aeonix - CWE-204: Observable Response Discrepancy | 5.3 |
| 2023-07-25 | CVE-2023-3897 | Information Exposure Through Discrepancy vulnerability in 42Gears Suremdm 6.31 Username enumeration is possible through Bypassing CAPTCHA in On-premise SureMDM Solution on Windows deployment allows attacker to enumerate local user information via error message. This issue affects SureMDM On-premise: 6.31 and below version | 5.3 |
| 2023-07-24 | CVE-2023-3640 | Information Exposure Through Discrepancy vulnerability in multiple products A possible unauthorized memory access flaw was found in the Linux kernel's cpu_entry_area mapping of X86 CPU data to memory, where a user may guess the location of exception stacks or other important data. | 7.8 |
| 2023-07-11 | CVE-2023-20575 | Information Exposure Through Discrepancy vulnerability in AMD products A potential power side-channel vulnerability in some AMD processors may allow an authenticated attacker to use the power reporting functionality to monitor a program’s execution inside an AMD SEV VM potentially resulting in a leak of sensitive information. | 6.5 |
| 2023-07-10 | CVE-2023-35698 | Information Exposure Through Discrepancy vulnerability in Sick Icr890-4 Firmware Observable Response Discrepancy in the SICK ICR890-4 could allow a remote attacker to identify valid usernames for the FTP server from the response given during a failed login attempt. | 5.3 |
| 2023-07-05 | CVE-2023-3336 | Information Exposure Through Discrepancy vulnerability in Moxa Tn-5900 Firmware 3.1/3.2/3.3 TN-5900 Series version 3.3 and prior versions is vulnearble to user enumeration vulnerability. | 5.3 |
| 2023-06-12 | CVE-2023-34344 | Information Exposure Through Discrepancy vulnerability in AMI Megarac Sp-X AMI BMC contains a vulnerability in the IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid username, which may lead to information disclosure. | 5.3 |
| 2023-05-30 | CVE-2023-32342 | Information Exposure Through Discrepancy vulnerability in IBM Http Server IBM GSKit could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. | 7.5 |
| 2023-05-30 | CVE-2023-31186 | Information Exposure Through Discrepancy vulnerability in Avaya IX Workforce Engagement 15.2.7.1195 Avaya IX Workforce Engagement v15.2.7.1195 - User Enumeration - Observable Response Discrepancy | 5.3 |