Vulnerabilities > Information Exposure Through Discrepancy

DATE CVE VULNERABILITY TITLE RISK
2022-06-15 CVE-2022-24436 Information Exposure Through Discrepancy vulnerability in Intel *
Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access.
network
low complexity
intel CWE-203
6.5
2022-06-15 CVE-2022-23823 Information Exposure Through Discrepancy vulnerability in AMD products
A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure.
network
low complexity
amd CWE-203
6.5
2022-06-08 CVE-2022-32273 Information Exposure Through Discrepancy vulnerability in Opswat Metadefender
As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server.
network
low complexity
opswat CWE-203
4.3
2022-05-20 CVE-2022-29185 Information Exposure Through Discrepancy vulnerability in Totp-Rs Project Totp-Rs
totp-rs is a Rust library that permits the creation of 2FA authentification tokens per time-based one-time password (TOTP).
network
high complexity
totp-rs-project CWE-203
4.4
2022-05-20 CVE-2022-24043 Information Exposure Through Discrepancy vulnerability in Siemens products
A vulnerability has been identified in Desigo DXR2 (All versions < V01.21.142.5-22), Desigo PXC3 (All versions < V01.21.142.4-18), Desigo PXC4 (All versions < V02.20.142.10-10884), Desigo PXC5 (All versions < V02.20.142.10-10884).
network
low complexity
siemens CWE-203
5.3
2022-05-12 CVE-2021-33149 Information Exposure Through Discrepancy vulnerability in Intel products
Observable behavioral discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
local
low complexity
intel CWE-203
5.5
2022-05-11 CVE-2021-46744 Information Exposure Through Discrepancy vulnerability in AMD products
An attacker with access to a malicious hypervisor may be able to infer data values used in a SEV guest on AMD CPUs by monitoring ciphertext values over time.
local
low complexity
amd CWE-203
6.5
2022-05-06 CVE-2021-33845 Information Exposure Through Discrepancy vulnerability in Splunk
The Splunk Enterprise REST API allows enumeration of usernames via the lockout error message.
network
low complexity
splunk CWE-203
5.3
2022-04-20 CVE-2022-1318 Information Exposure Through Discrepancy vulnerability in Carrier Hills Comnav Firmware 300219
Hills ComNav version 3002-19 suffers from a weak communication channel.
local
low complexity
carrier CWE-203
5.5
2022-04-14 CVE-2022-27814 Information Exposure Through Discrepancy vulnerability in Waycrate Swhkd 1.1.5
SWHKD 1.1.5 allows arbitrary file-existence tests via the -c option.
local
low complexity
waycrate CWE-203
3.3