Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-02-23 | CVE-2021-27583 | Information Exposure Through Discrepancy vulnerability in Rangerstudio Directus In Directus 8.x through 8.8.1, an attacker can discover whether a user is present in the database through the password reset feature. | 5.3 |
| 2021-02-03 | CVE-2020-9389 | Information Exposure Through Discrepancy vulnerability in Squaredup 4.6 A username enumeration issue was discovered in SquaredUp before version 4.6.0. | 4.3 |
| 2021-01-08 | CVE-2020-28208 | Information Exposure Through Discrepancy vulnerability in Rocket.Chat An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1. | 5.0 |
| 2020-12-21 | CVE-2020-35624 | Information Exposure Through Discrepancy vulnerability in Mediawiki An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. | 5.0 |
| 2020-12-18 | CVE-2020-35480 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in MediaWiki before 1.35.1. | 5.3 |
| 2020-12-14 | CVE-2020-0464 | Information Exposure Through Discrepancy vulnerability in Google Android 10.0 In resolv_cache_lookup of res_cache.cpp, there is a possible side channel information disclosure. | 2.1 |
| 2020-11-12 | CVE-2020-12912 | Information Exposure Through Discrepancy vulnerability in AMD Energy Driver for Linux A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks. | 2.1 |
| 2020-11-12 | CVE-2020-8695 | Information Exposure Through Discrepancy vulnerability in multiple products Observable discrepancy in the RAPL interface for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access. | 5.5 |
| 2020-11-02 | CVE-2020-26939 | Information Exposure Through Discrepancy vulnerability in Bouncycastle products In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. | 5.3 |
| 2020-10-21 | CVE-2020-3585 | Information Exposure Through Discrepancy vulnerability in Cisco products A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. | 3.7 |