Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-09 | CVE-2021-0089 | Information Exposure Through Discrepancy vulnerability in multiple products Observable response discrepancy in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access. | 6.5 |
| 2021-06-09 | CVE-2020-24512 | Information Exposure Through Discrepancy vulnerability in multiple products Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 3.3 |
| 2021-06-09 | CVE-2021-26313 | Information Exposure Through Discrepancy vulnerability in multiple products Potential speculative code store bypass in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution of overwritten instructions, may cause an incorrect speculation and could result in data leakage. | 5.5 |
| 2021-06-09 | CVE-2021-26314 | Information Exposure Through Discrepancy vulnerability in multiple products Potential floating point value injection in all supported CPU products, in conjunction with software vulnerabilities relating to speculative execution with incorrect floating point results, may cause the use of incorrect data from FPVI and may result in data leakage. | 5.5 |
| 2021-06-08 | CVE-2021-33560 | Information Exposure Through Discrepancy vulnerability in multiple products Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. | 7.5 |
| 2021-06-07 | CVE-2021-29621 | Information Exposure Through Discrepancy vulnerability in multiple products Flask-AppBuilder is a development framework, built on top of Flask. | 5.3 |
| 2021-06-06 | CVE-2021-33880 | Information Exposure Through Discrepancy vulnerability in multiple products The aaugustin websockets library before 9.1 for Python has an Observable Timing Discrepancy on servers when HTTP Basic Authentication is enabled with basic_auth_protocol_factory(credentials=...). | 5.9 |
| 2021-06-04 | CVE-2021-33838 | Information Exposure Through Discrepancy vulnerability in Luca-App Luca Luca through 1.7.4 on Android allows remote attackers to obtain sensitive information about COVID-19 tracking because requests related to Check-In State occur shortly after requests for Phone Number Registration. | 7.5 |
| 2021-05-27 | CVE-2021-22892 | Information Exposure Through Discrepancy vulnerability in Rocket.Chat An information disclosure vulnerability exists in the Rocket.Chat server fixed v3.13, v3.12.2 & v3.11.3 that allowed email addresses to be disclosed by enumeration and validation checks. | 7.5 |
| 2021-05-21 | CVE-2020-27211 | Information Exposure Through Discrepancy vulnerability in Nordicsemi Nrf52840 Firmware 20201019 Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels. | 5.7 |