Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-08 | CVE-2022-4304 | Information Exposure Through Discrepancy vulnerability in multiple products A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. | 5.9 |
| 2023-01-13 | CVE-2022-3143 | Information Exposure Through Discrepancy vulnerability in Redhat products wildfly-elytron: possible timing attacks via use of unsafe comparator. | 7.4 |
| 2023-01-13 | CVE-2022-42288 | Information Exposure Through Discrepancy vulnerability in Nvidia DGX A100 Firmware NVIDIA BMC contains a vulnerability in IPMI handler, where an unauthorized attacker can use certain oracles to guess a valid BMC username, which may lead to an information disclosure. | 5.3 |
| 2023-01-11 | CVE-2022-4499 | Information Exposure Through Discrepancy vulnerability in Tp-Link Archer C5 Firmware and Tl-Wr710N Firmware TP-Link routers, Archer C5 and WR710N-V1, using the latest software, the strcmp function used for checking credentials in httpd, is susceptible to a side-channel attack. | 7.5 |
| 2023-01-11 | CVE-2022-4543 | Information Exposure Through Discrepancy vulnerability in Linux Kernel A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). | 5.5 |
| 2023-01-10 | CVE-2022-30332 | Information Exposure Through Discrepancy vulnerability in Talend Administration Center 7.3.1 In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature provides different error messages for invalid reset attempts depending on whether the email address is associated with any account. | 5.3 |
| 2023-01-10 | CVE-2022-48251 | Information Exposure Through Discrepancy vulnerability in ARM products The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant" to side-channel attacks. | 7.5 |
| 2023-01-08 | CVE-2016-15015 | Information Exposure Through Discrepancy vulnerability in Paysafe Barzahlen Payment Module PHP SDK A vulnerability, which was classified as problematic, was found in viafintech Barzahlen Payment Module PHP SDK up to 2.0.0. | 5.3 |
| 2023-01-01 | CVE-2022-47952 | Information Exposure Through Discrepancy vulnerability in Linuxcontainers LXC lxc-user-nic in lxc through 5.0.1 is installed setuid root, and may allow local users to infer whether any file exists, even within a protected directory tree, because "Failed to open" often indicates that a file does not exist, whereas "does not refer to a network namespace path" often indicates that a file exists. | 3.3 |
| 2022-12-28 | CVE-2022-4823 | Information Exposure Through Discrepancy vulnerability in Instedd Nuntium A vulnerability, which was classified as problematic, was found in InSTEDD Nuntium. | 5.9 |