Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-25 | CVE-2019-13684 | Information Exposure Through Discrepancy vulnerability in Google Chrome Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 5.3 |
| 2019-11-25 | CVE-2019-13666 | Information Exposure Through Discrepancy vulnerability in Google Chrome Information leak in storage in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 7.4 |
| 2019-11-21 | CVE-2019-18887 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. | 8.1 |
| 2019-11-18 | CVE-2019-10764 | Information Exposure Through Discrepancy vulnerability in Simplito Elliptic-PHP In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. | 5.8 |
| 2019-11-14 | CVE-2019-16863 | Information Exposure Through Discrepancy vulnerability in ST products STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL. | 5.9 |
| 2019-10-31 | CVE-2019-14356 | Information Exposure Through Discrepancy vulnerability in Coinkite Coldcard MK1 Firmware and Coldcard MK2 Firmware On Coldcard MK1 and MK2 devices, a side channel for the row-based OLED display was found. | 5.3 |
| 2019-10-03 | CVE-2019-15809 | Information Exposure Through Discrepancy vulnerability in multiple products Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. | 1.2 |
| 2019-10-03 | CVE-2019-13628 | Information Exposure Through Discrepancy vulnerability in Wolfssl wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation. | 1.2 |
| 2019-09-30 | CVE-2019-3732 | Information Exposure Through Discrepancy vulnerability in multiple products RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) and versions prior to 4.1.3.3 (in 4.1.x), and RSA Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) versions prior to 4.1.6.1 (in 4.1.x) and versions prior to 4.3.3 (4.2.x and 4.3.x) are vulnerable to an Information Exposure Through Timing Discrepancy. | 5.0 |
| 2019-09-30 | CVE-2019-3731 | Information Exposure Through Discrepancy vulnerability in Dell products RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro Edition Suite versions prior to 4.4 are vulnerable to an Information Exposure Through Timing Discrepancy. | 5.0 |