Vulnerabilities > Information Exposure Through Discrepancy
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-09-26 | CVE-2024-47129 | Information Exposure Through Discrepancy vulnerability in Gotenna PRO The goTenna Pro App does not inject extra characters into broadcasted frames to obfuscate the length of messages. | 4.3 |
2024-09-19 | CVE-2024-8651 | Information Exposure Through Discrepancy vulnerability in Netcat Content Management System A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that can be used to check whether a user exists in the system, which could be a basis for further attacks. This issue affects NetCat CMS v. | 5.3 |
2024-09-12 | CVE-2024-34336 | Information Exposure Through Discrepancy vulnerability in Ordat Ordat.Erp User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality. | 5.3 |
2024-09-08 | CVE-2024-42343 | Information Exposure Through Discrepancy vulnerability in Loway Queuemetrics Loway - CWE-204: Observable Response Discrepancy | 7.5 |
2024-09-04 | CVE-2024-45052 | Information Exposure Through Discrepancy vulnerability in Ethyca Fides Fides is an open-source privacy engineering platform. | 5.3 |
2024-09-04 | CVE-2024-39921 | Information Exposure Through Discrepancy vulnerability in Fujitsu products Observable timing discrepancy issue exists in IPCOM EX2 Series V01L02NF0001 to V01L06NF0401, V01L20NF0001 to V01L20NF0401, V02L20NF0001 to V02L21NF0301, and IPCOM VE2 Series V01L04NF0001 to V01L06NF0112. | 7.5 |
2024-09-03 | CVE-2024-45678 | Information Exposure Through Discrepancy vulnerability in Yubico products Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive equipment) in which an electromagnetic side channel is present because of a non-constant-time modular inversion for the Extended Euclidean Algorithm, aka the EUCLEAK issue. | 4.2 |
2024-08-29 | CVE-2024-1543 | Information Exposure Through Discrepancy vulnerability in Wolfssl The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. | 5.5 |
2024-07-30 | CVE-2024-38431 | Information Exposure Through Discrepancy vulnerability in Matrix-Globalservices Tafnit Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy | 7.5 |
2024-07-03 | CVE-2024-39830 | Information Exposure Through Discrepancy vulnerability in Mattermost Mattermost versions 9.8.x <= 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5, when shared channels are enabled, fail to use constant time comparison for remote cluster tokens which allows an attacker to retrieve the remote cluster token via a timing attack during remote cluster token comparison. | 5.9 |