Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-06-11 | CVE-2020-13998 | Information Exposure Through Discrepancy vulnerability in Citrix Xenapp 6.5.0.0 Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated attacker to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. | 5.3 |
| 2020-06-08 | CVE-2020-13844 | Information Exposure Through Discrepancy vulnerability in multiple products Arm Armv8-A core implementations utilizing speculative execution past unconditional changes in control flow may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka "straight-line speculation." | 5.5 |
| 2020-06-02 | CVE-2019-14067 | Information Exposure Through Discrepancy vulnerability in Qualcomm products Using non-time-constant functions like memcmp to compare sensitive data can lead to information leakage through timing side channel issue. | 5.5 |
| 2020-05-22 | CVE-2020-13413 | Information Exposure Through Discrepancy vulnerability in Aviatrix Controller An issue was discovered in Aviatrix Controller before 5.4.1204. | 5.3 |
| 2020-05-21 | CVE-2020-6473 | Information Exposure Through Discrepancy vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
| 2020-05-13 | CVE-2020-11063 | Information Exposure Through Discrepancy vulnerability in Typo3 10.4.0/10.4.1 In TYPO3 CMS versions 10.4.0 and 10.4.1, it has been discovered that time-based attacks can be used with the password reset functionality for backend users. | 3.7 |
| 2020-04-16 | CVE-2019-14007 | Information Exposure Through Discrepancy vulnerability in Qualcomm products Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS404, QCS405, QCS605, QM215, Rennell, SA6155P, SC7180, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130 | 5.5 |
| 2020-04-16 | CVE-2019-10483 | Information Exposure Through Discrepancy vulnerability in Qualcomm products Side channel issue in QTEE due to usage of non-time-constant comparison function such as memcmp or strcmp in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8016, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCA8081, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130 | 5.5 |
| 2020-04-15 | CVE-2020-10932 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. | 4.7 |
| 2020-04-12 | CVE-2020-11713 | Information Exposure Through Discrepancy vulnerability in Wolfssl 4.3.0 wolfSSL 4.3.0 has mulmod code in wc_ecc_mulmod_ex in ecc.c that does not properly resist timing side-channel attacks. | 7.5 |