Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-23 | CVE-2022-1139 | Information Exposure Through Discrepancy vulnerability in Google Chrome Inappropriate implementation in Background Fetch API in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-07-23 | CVE-2022-1146 | Information Exposure Through Discrepancy vulnerability in Google Chrome Inappropriate implementation in Resource Timing in Google Chrome prior to 100.0.4896.60 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2022-07-14 | CVE-2022-32425 | Information Exposure Through Discrepancy vulnerability in Mealie 1.0.0 The login function of Mealie v1.0.0beta-2 allows attackers to enumerate existing usernames by timing the server's response time. | 5.3 |
| 2022-07-14 | CVE-2022-31142 | Information Exposure Through Discrepancy vulnerability in Fastify Bearer-Auth @fastify/bearer-auth is a Fastify plugin to require bearer Authorization headers. | 7.5 |
| 2022-07-06 | CVE-2022-20752 | Information Exposure Through Discrepancy vulnerability in Cisco Unified Communications Manager and Unity Connection A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), and Cisco Unity Connection could allow an unauthenticated, remote attacker to perform a timing attack. | 5.3 |
| 2022-06-24 | CVE-2021-41634 | Information Exposure Through Discrepancy vulnerability in Melag FTP Server 2.2.0.4 A user enumeration vulnerability in MELAG FTP Server 2.2.0.4 allows an attacker to identify valid FTP usernames. | 5.3 |
| 2022-06-23 | CVE-2022-34174 | Information Exposure Through Discrepancy vulnerability in Jenkins In Jenkins 2.355 and earlier, LTS 2.332.3 and earlier, an observable timing discrepancy on the login form allows distinguishing between login attempts with an invalid username, and login attempts with a valid username and wrong password, when using the Jenkins user database security realm. | 7.5 |
| 2022-06-15 | CVE-2022-24436 | Information Exposure Through Discrepancy vulnerability in Intel * Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access. | 6.5 |
| 2022-06-15 | CVE-2022-23823 | Information Exposure Through Discrepancy vulnerability in AMD products A potential vulnerability in some AMD processors using frequency scaling may allow an authenticated attacker to execute a timing attack to potentially enable information disclosure. | 6.5 |
| 2022-06-08 | CVE-2022-32273 | Information Exposure Through Discrepancy vulnerability in Opswat Metadefender As a result of an observable discrepancy in returned messages, OPSWAT MetaDefender Core (MDCore) before 5.1.2 could allow an authenticated user to enumerate filenames on the server. | 4.3 |