Vulnerabilities > Information Exposure Through Discrepancy
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-01 | CVE-2022-39228 | Information Exposure Through Discrepancy vulnerability in Vantage6 vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. | 6.5 |
2023-02-16 | CVE-2020-12413 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. | 5.9 |
2023-02-15 | CVE-2023-0361 | Information Exposure Through Discrepancy vulnerability in multiple products A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. | 7.4 |
2023-02-08 | CVE-2022-4304 | Information Exposure Through Discrepancy vulnerability in multiple products A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. | 5.9 |
2023-01-13 | CVE-2022-3143 | Information Exposure Through Discrepancy vulnerability in Redhat products wildfly-elytron: possible timing attacks via use of unsafe comparator. | 7.4 |
2023-01-13 | CVE-2022-42288 | Information Exposure Through Discrepancy vulnerability in Nvidia DGX A100 Firmware NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure. | 5.3 |
2023-01-11 | CVE-2022-4499 | Information Exposure Through Discrepancy vulnerability in Tp-Link Archer C5 Firmware and Tl-Wr710N Firmware TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. | 7.5 |
2023-01-11 | CVE-2022-4543 | Information Exposure Through Discrepancy vulnerability in Linux Kernel A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). | 5.5 |
2023-01-10 | CVE-2022-30332 | Information Exposure Through Discrepancy vulnerability in Talend Administration Center 7.3.1 In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature provides different error messages for invalid reset attempts depending on whether the email address is associated with any account. | 5.3 |
2023-01-10 | CVE-2022-48251 | Information Exposure Through Discrepancy vulnerability in ARM products The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks. | 7.5 |