Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-28 | CVE-2021-4294 | Information Exposure Through Discrepancy vulnerability in Redhat Openshift Container Platform and Openshift Osin A vulnerability was found in OpenShift OSIN. | 5.9 |
| 2022-12-26 | CVE-2022-41765 | Information Exposure Through Discrepancy vulnerability in Mediawiki An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. | 5.3 |
| 2022-12-25 | CVE-2022-44381 | Information Exposure Through Discrepancy vulnerability in Snipeitapp Snipe-It Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request. | 5.3 |
| 2022-12-22 | CVE-2022-26382 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox While the text displayed in Autofill tooltips cannot be directly read by JavaScript, the text was rendered using page fonts. | 4.3 |
| 2022-12-22 | CVE-2022-45403 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox Service Workers should not be able to infer information about opaque cross-origin responses; but timing information for cross-origin media combined with Range requests might have allowed them to determine the presence or length of a media file. | 6.5 |
| 2022-12-22 | CVE-2022-45416 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox Keyboard events reference strings like "KeyA" that were at fixed, known, and widely-spread addresses. | 6.5 |
| 2022-12-16 | CVE-2022-20535 | Information Exposure Through Discrepancy vulnerability in Google Android 13.0 In registerLocalOnlyHotspotSoftApCallback of WifiManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 3.3 |
| 2022-12-16 | CVE-2022-20538 | Information Exposure Through Discrepancy vulnerability in Google Android 13.0 In getSmsRoleHolder of RoleService.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 5.5 |
| 2022-12-16 | CVE-2022-20559 | Information Exposure Through Discrepancy vulnerability in Google Android 13.0 In revokeOwnPermissionsOnKill of PermissionManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. | 3.3 |
| 2022-12-15 | CVE-2022-46392 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. | 5.3 |