Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-20 | CVE-2020-27170 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in the Linux kernel before 5.11.8. | 4.7 |
| 2021-03-16 | CVE-2020-1926 | Information Exposure Through Discrepancy vulnerability in Apache Hive Apache Hive cookie signature verification used a non constant time comparison which is known to be vulnerable to timing attacks. | 5.9 |
| 2021-03-09 | CVE-2021-21181 | Information Exposure Through Discrepancy vulnerability in multiple products Side-channel information leakage in autofill in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
| 2021-03-09 | CVE-2021-21173 | Information Exposure Through Discrepancy vulnerability in multiple products Side-channel information leakage in Network Internals in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
| 2021-02-23 | CVE-2021-27583 | Information Exposure Through Discrepancy vulnerability in Rangerstudio Directus In Directus 8.x through 8.8.1, an attacker can discover whether a user is present in the database through the password reset feature. | 5.3 |
| 2021-02-22 | CVE-2020-11287 | Information Exposure Through Discrepancy vulnerability in Qualcomm products Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. | 7.5 |
| 2021-02-03 | CVE-2020-9389 | Information Exposure Through Discrepancy vulnerability in Squaredup 4.6 A username enumeration issue was discovered in SquaredUp before version 4.6.0. | 3.7 |
| 2021-01-11 | CVE-2021-0321 | Information Exposure Through Discrepancy vulnerability in Google Android 11.0 In enforceDumpPermissionForPackage of ActivityManagerService.java, there is a possible way to determine if a package is installed due to side channel information disclosure. | 5.5 |
| 2021-01-08 | CVE-2020-28208 | Information Exposure Through Discrepancy vulnerability in Rocket.Chat An email address enumeration vulnerability exists in the password reset function of Rocket.Chat through 3.9.1. | 5.3 |
| 2020-12-30 | CVE-2019-12953 | Information Exposure Through Discrepancy vulnerability in Dropbear SSH Project Dropbear SSH Dropbear 2011.54 through 2018.76 has an inconsistent failure delay that may lead to revealing valid usernames, a different issue than CVE-2018-15599. | 5.3 |