Vulnerabilities > Information Exposure Through Discrepancy

DATE CVE VULNERABILITY TITLE RISK
2024-09-26 CVE-2024-47129 Information Exposure Through Discrepancy vulnerability in Gotenna PRO
The goTenna Pro App does not inject extra characters into broadcasted frames to obfuscate the length of messages.
low complexity
gotenna CWE-203
4.3
2024-09-19 CVE-2024-8651 Information Exposure Through Discrepancy vulnerability in Netcat Content Management System
A vulnerability in NetCat CMS allows an attacker to send a specially crafted http request that can be used to check whether a user exists in the system, which could be a basis for further attacks. This issue affects NetCat CMS v.
network
low complexity
netcat CWE-203
5.3
2024-09-12 CVE-2024-34336 Information Exposure Through Discrepancy vulnerability in Ordat Ordat.Erp
User enumeration vulnerability in ORDAT FOSS-Online before v2.24.01 allows attackers to determine if an account exists in the application by comparing the server responses of the forgot password functionality.
network
low complexity
ordat CWE-203
5.3
2024-09-08 CVE-2024-42343 Information Exposure Through Discrepancy vulnerability in Loway Queuemetrics
Loway - CWE-204: Observable Response Discrepancy
network
low complexity
loway CWE-203
7.5
2024-09-04 CVE-2024-45052 Information Exposure Through Discrepancy vulnerability in Ethyca Fides
Fides is an open-source privacy engineering platform.
network
low complexity
ethyca CWE-203
5.3
2024-09-04 CVE-2024-39921 Information Exposure Through Discrepancy vulnerability in Fujitsu products
Observable timing discrepancy issue exists in IPCOM EX2 Series V01L02NF0001 to V01L06NF0401, V01L20NF0001 to V01L20NF0401, V02L20NF0001 to V02L21NF0301, and IPCOM VE2 Series V01L04NF0001 to V01L06NF0112.
network
low complexity
fujitsu CWE-203
7.5
2024-09-03 CVE-2024-45678 Information Exposure Through Discrepancy vulnerability in Yubico products
Yubico YubiKey 5 Series devices with firmware before 5.7.0 and YubiHSM 2 devices with firmware before 2.4.0 allow an ECDSA secret-key extraction attack (that requires physical access and expensive equipment) in which an electromagnetic side channel is present because of a non-constant-time modular inversion for the Extended Euclidean Algorithm, aka the EUCLEAK issue.
high complexity
yubico CWE-203
4.2
2024-08-29 CVE-2024-1543 Information Exposure Through Discrepancy vulnerability in Wolfssl
The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution.
local
low complexity
wolfssl CWE-203
5.5
2024-07-30 CVE-2024-38431 Information Exposure Through Discrepancy vulnerability in Matrix-Globalservices Tafnit
Matrix Tafnit v8 - CWE-204: Observable Response Discrepancy
network
low complexity
matrix-globalservices CWE-203
7.5
2024-07-03 CVE-2024-39830 Information Exposure Through Discrepancy vulnerability in Mattermost
Mattermost versions 9.8.x <= 9.8.0, 9.7.x <= 9.7.4, 9.6.x <= 9.6.2 and 9.5.x <= 9.5.5, when shared channels are enabled, fail to use constant time comparison for remote cluster tokens which allows an attacker to retrieve the remote cluster token via a timing attack during remote cluster token comparison.
network
high complexity
mattermost CWE-203
5.9