Vulnerabilities > Information Exposure Through Discrepancy
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2024-10-21 | CVE-2024-47678 | Information Exposure Through Discrepancy vulnerability in Linux Kernel | In the Linux kernel, the following vulnerability has been resolved: icmp: change the order of rate limits ICMP messages are ratelimited: After the blamed commits, the two rate limiters are applied in this order: 1) host wide ratelimit (icmp_global_allow()) 2) Per destination ratelimit (inetpeer based) In order to avoid side-channels attacks, we need to apply the per destination check first. This patch makes the following change: 1) icmp_global_allow() checks if the host wide limit is reached. But credits are not yet consumed. | 5.5 |
2024-10-10 | CVE-2024-47869 | Information Exposure Through Discrepancy vulnerability in Gradio Project Gradio | Gradio is an open-source Python package designed for quick prototyping. | 3.7 |
2024-10-04 | CVE-2024-9513 | Information Exposure Through Discrepancy vulnerability in Netadmin IAM | A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic. | 3.7 |
2024-09-26 | CVE-2024-41715 | Information Exposure Through Discrepancy vulnerability in Gotenna Atak Plugin | The goTenna Pro ATAK Plugin does not inject extra characters into broadcasted frames to obfuscate the length of messages. | 4.3 |
2024-09-26 | CVE-2024-47129 | Information Exposure Through Discrepancy vulnerability in Gotenna PRO | The goTenna Pro App does not inject extra characters into broadcasted frames to obfuscate the length of messages. | 4.3 |
2024-09-19 | CVE-2024-8651 | Information Exposure Through Discrepancy vulnerability in Netcat Content Management System | A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that can be used to check whether a user exists in the system, which could be a basis for further attacks. This issue affects NetCat CMS v. | 5.3 |
2024-09-12 | CVE-2024-34336 | Information Exposure Through Discrepancy vulnerability in Ordat Ordat.Erp | User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality. | 5.3 |
2024-09-08 | CVE-2024-42343 | Information Exposure Through Discrepancy vulnerability in Loway Queuemetrics | Loway - CWE-204: Observable Response Discrepancy | 7.5 |
2024-09-04 | CVE-2024-45052 | Information Exposure Through Discrepancy vulnerability in Ethyca Fides | Fides is an open-source privacy engineering platform. | 5.3 |
2024-09-04 | CVE-2024-39921 | Information Exposure Through Discrepancy vulnerability in Fujitsu products | Observable timing discrepancy issue exists in IPCOM EX2 Series V01L02NF0001 to V01L06NF0401, V01L20NF0001 to V01L20NF0401, V02L20NF0001 to V02L21NF0301, and IPCOM VE2 Series V01L04NF0001 to V01L06NF0112. | 7.5 |