Vulnerabilities > Information Exposure Through Discrepancy

DATE CVE VULNERABILITY TITLE RISK
2022-03-30 CVE-2021-39775 Information Exposure Through Discrepancy vulnerability in Google Android 12.0
In People, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
5.5
2022-03-30 CVE-2021-39788 Information Exposure Through Discrepancy vulnerability in Google Android 12.1
In TelecomManager, there is a possible way to check if a particular self managed phone account was registered on the device due to side channel information disclosure.
local
low complexity
google CWE-203
5.5
2022-03-30 CVE-2021-39791 Information Exposure Through Discrepancy vulnerability in Google Android 12.1
In WallpaperManagerService, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure.
local
low complexity
google CWE-203
5.5
2022-03-25 CVE-2022-24784 Information Exposure Through Discrepancy vulnerability in Statamic
Statamic is a Laravel and Git powered CMS.
network
high complexity
statamic CWE-203
3.7
2022-03-10 CVE-2021-44421 Information Exposure Through Discrepancy vulnerability in Occlum Project Occlum
The pointer-validation logic in util/mem_util.rs in Occlum before 0.26.0 for Intel SGX acts as a confused deputy that allows a local attacker to access unauthorized information via side-channel analysis.
local
low complexity
occlum-project CWE-203
5.5
2022-03-10 CVE-2020-36517 Information Exposure Through Discrepancy vulnerability in Home-Assistant 2022.03
An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised 2022.03 allows a DNS operator to gain knowledge about internal network resources via the hardcoded DNS resolver configuration.
network
low complexity
home-assistant CWE-203
7.5
2022-02-21 CVE-2022-0564 Information Exposure Through Discrepancy vulnerability in Qlik Sense
A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts.
network
low complexity
qlik CWE-203
5.3
2022-02-15 CVE-2022-23643 Information Exposure Through Discrepancy vulnerability in Sourcegraph
Sourcegraph is a code search and navigation engine.
network
low complexity
sourcegraph CWE-203
6.5
2022-02-11 CVE-2021-0524 Information Exposure Through Discrepancy vulnerability in Google Android 12.0
In isServiceDistractionOptimized of CarPackageManagerService.java, there is a possible disclosure of installed packages due to side channel information disclosure.
local
low complexity
google CWE-203
5.5
2022-02-10 CVE-2021-45901 Information Exposure Through Discrepancy vulnerability in Servicenow Jakarta
The password-reset form in ServiceNow Orlando provides different responses to invalid authentication attempts depending on whether the username exists.
network
low complexity
servicenow CWE-203
5.3