Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-14 | CVE-2020-11683 | Information Exposure Through Discrepancy vulnerability in Linux4Sam At91Bootstrap A timing side channel was discovered in AT91bootstrap before 3.9.2. | 4.6 |
| 2020-09-09 | CVE-2020-1968 | Information Exposure Through Discrepancy vulnerability in multiple products The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. | 3.7 |
| 2020-09-02 | CVE-2020-16150 | Information Exposure Through Discrepancy vulnerability in multiple products A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. | 5.5 |
| 2020-08-31 | CVE-2020-25065 | Information Exposure Through Discrepancy vulnerability in Google Android An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. | 7.8 |
| 2020-08-17 | CVE-2020-1459 | Information Exposure Through Discrepancy vulnerability in Microsoft Windows 10 An information disclosure vulnerability exists on ARM implementations that use speculative execution in control flow via a side-channel analysis, aka "straight-line speculation." To exploit this vulnerability, an attacker with local privileges would need to run a specially crafted application. The security update addresses the vulnerability by bypassing the speculative execution. | 7.5 |
| 2020-08-10 | CVE-2020-17478 | Information Exposure Through Discrepancy vulnerability in P5-Crypt-Perl Project P5-Crypt-Perl ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly consider timing attacks against the EC point multiplication algorithm. | 5.0 |
| 2020-07-29 | CVE-2020-9690 | Information Exposure Through Discrepancy vulnerability in Magento Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepancy vulnerability. | 3.5 |
| 2020-07-23 | CVE-2020-11625 | Information Exposure Through Discrepancy vulnerability in Avertx Hd438 Firmware and Hd838 Firmware An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. | 5.0 |
| 2020-07-22 | CVE-2020-6531 | Information Exposure Through Discrepancy vulnerability in multiple products Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 4.3 |
| 2020-07-13 | CVE-2019-19338 | Information Exposure Through Discrepancy vulnerability in multiple products A flaw was found in the fix for CVE-2019-11135, in the Linux upstream kernel versions before 5.5 where, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort (TAA) error occurs. | 2.1 |