Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-11-21 | CVE-2019-18886 | Information Exposure Through Discrepancy vulnerability in Sensiolabs Symfony An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. | 5.3 |
| 2019-11-18 | CVE-2019-10764 | Information Exposure Through Discrepancy vulnerability in Simplito Elliptic-PHP In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. | 7.4 |
| 2019-11-14 | CVE-2019-16863 | Information Exposure Through Discrepancy vulnerability in ST products STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL. | 5.9 |
| 2019-11-02 | CVE-2019-18673 | Information Exposure Through Discrepancy vulnerability in Shiftcrypto Bitbox02 On SHIFT BitBox02 devices, a side channel for the row-based OLED display was found. | 4.6 |
| 2019-11-02 | CVE-2019-14360 | Information Exposure Through Discrepancy vulnerability in Hyundai-Pay Hk-1000 On Hyundai Pay Kasse HK-1000 devices, a side channel for the row-based OLED display was found. | 4.6 |
| 2019-11-02 | CVE-2019-14358 | Information Exposure Through Discrepancy vulnerability in Archos Safe-T On Archos Safe-T devices, a side channel for the row-based OLED display was found. | 4.6 |
| 2019-10-31 | CVE-2019-14356 | Information Exposure Through Discrepancy vulnerability in Coinkite Coldcard MK1 Firmware and Coldcard MK2 Firmware On Coldcard MK1 and MK2 devices, a side channel for the row-based OLED display was found. | 5.3 |
| 2019-10-03 | CVE-2019-15809 | Information Exposure Through Discrepancy vulnerability in multiple products Smart cards from the Athena SCS manufacturer, based on the Atmel Toolbox 00.03.11.05 and the AT90SC chip, contain a timing side channel in ECDSA signature generation. | 4.7 |
| 2019-10-03 | CVE-2019-13629 | Information Exposure Through Discrepancy vulnerability in Matrixssl MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA signature generation. | 5.9 |
| 2019-10-03 | CVE-2019-13628 | Information Exposure Through Discrepancy vulnerability in Wolfssl wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation. | 4.7 |