Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-19 | CVE-2020-36422 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Arm Mbed TLS before 2.23.0. | 5.3 |
| 2021-07-19 | CVE-2020-36424 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Arm Mbed TLS before 2.24.0. | 4.7 |
| 2021-07-14 | CVE-2021-24117 | Information Exposure Through Discrepancy vulnerability in Apache Teaclave SGX SDK 1.1.3 In Apache Teaclave Rust SGX SDK 1.1.3, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. | 4.9 |
| 2021-07-14 | CVE-2021-24116 | Information Exposure Through Discrepancy vulnerability in Wolfssl In wolfSSL through 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. | 4.9 |
| 2021-07-14 | CVE-2021-24119 | Information Exposure Through Discrepancy vulnerability in multiple products In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. | 4.9 |
| 2021-06-09 | CVE-2021-0001 | Information Exposure Through Discrepancy vulnerability in Intel products Observable timing discrepancy in Intel(R) IPP before version 2020 update 1 may allow authorized user to potentially enable information disclosure via local access. | 4.7 |
| 2021-06-09 | CVE-2021-0086 | Information Exposure Through Discrepancy vulnerability in multiple products Observable response discrepancy in floating-point operations for some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 6.5 |
| 2021-06-09 | CVE-2021-0089 | Information Exposure Through Discrepancy vulnerability in multiple products Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 6.5 |
| 2021-06-09 | CVE-2020-24512 | Information Exposure Through Discrepancy vulnerability in multiple products Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 3.3 |
| 2021-06-09 | CVE-2021-26313 | Information Exposure Through Discrepancy vulnerability in multiple products Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage. | 5.5 |