Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-30 | CVE-2023-32691 | Information Exposure Through Discrepancy vulnerability in GO Simple Tunnel Project GO Simple Tunnel gost (GO Simple Tunnel) is a simple tunnel written in golang. | 5.9 |
| 2023-05-25 | CVE-2023-32694 | Information Exposure Through Discrepancy vulnerability in Saleor Saleor Core is a composable, headless commerce API. | 5.4 |
| 2023-05-22 | CVE-2023-28412 | Information Exposure Through Discrepancy vulnerability in Snapone Orvc When supplied with a random MAC address, Snap One OvrC cloud servers will return information about the device. | 5.3 |
| 2023-05-15 | CVE-2023-23449 | Information Exposure Through Discrepancy vulnerability in Sick products Observable Response Discrepancy in SICK FTMg AIR FLOW SENSOR with Partnumbers 1100214, 1100215, 1100216, 1120114, 1120116, 1122524, 1122526 allows a remote attacker to gain information about valid usernames by analyzing challenge responses from the server via the REST interface. | 5.3 |
| 2023-05-11 | CVE-2023-27870 | Information Exposure Through Discrepancy vulnerability in IBM Spectrum Virtualize 8.5 IBM Spectrum Virtualize 8.5, under certain circumstances, could disclose sensitive credential information while a download from Fix Central is in progress. | 5.9 |
| 2023-04-27 | CVE-2023-28770 | Information Exposure Through Discrepancy vulnerability in Zyxel Dx5401-B0 Firmware The sensitive information exposure vulnerability in the CGI “Export_Log” and the binary “zcmd” in Zyxel DX5401-B0 firmware versions prior to V5.17(ABYO.1)C0 could allow a remote unauthenticated attacker to read the system files and to retrieve the password of the supervisor from the encrypted file. | 7.5 |
| 2023-04-25 | CVE-2022-40482 | Information Exposure Through Discrepancy vulnerability in Laravel Framework The authentication method in Laravel 8.x through 9.x before 9.32.0 was discovered to be vulnerable to user enumeration via timeless timing attacks with HTTP/2 multiplexing. | 5.3 |
| 2023-04-24 | CVE-2023-30458 | Information Exposure Through Discrepancy vulnerability in Medicine Tracker System Project Medicine Tracker System 1.0 A username enumeration issue was discovered in Medicine Tracker System 1.0. | 5.3 |
| 2023-04-21 | CVE-2023-26556 | Information Exposure Through Discrepancy vulnerability in Iofinnet Tss-Lib io.finnet tss-lib before 2.0.0 can leak a secret key via a timing side-channel attack because it relies on the scalar-multiplication implementation in Go crypto/elliptic, which is not constant time (there is an if statement in a loop). | 9.1 |
| 2023-04-21 | CVE-2023-26557 | Information Exposure Through Discrepancy vulnerability in Iofinnet Tss-Lib io.finnet tss-lib before 2.0.0 can leak the lambda value of a private key via a timing side-channel attack because it relies on Go big.Int, which is not constant time for Cmp, modular exponentiation, or modular inverse. | 7.5 |