Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-03 | CVE-2019-13456 | Information Exposure Through Discrepancy vulnerability in multiple products In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd handshakes fails because the password element cannot be found within 10 iterations of the hunting and pecking loop. | 6.5 |
| 2019-11-29 | CVE-2015-0837 | Information Exposure Through Discrepancy vulnerability in multiple products The mpi_powm function in Libgcrypt before 1.6.3 and GnuPG before 1.4.19 allows attackers to obtain sensitive information by leveraging timing differences when accessing a pre-computed table during modular exponentiation, related to a "Last-Level Cache Side-Channel Attack." | 5.9 |
| 2019-11-25 | CVE-2019-13684 | Information Exposure Through Discrepancy vulnerability in Google Chrome Inappropriate implementation in JavaScript in Google Chrome prior to 72.0.3626.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 5.3 |
| 2019-11-25 | CVE-2019-13666 | Information Exposure Through Discrepancy vulnerability in Google Chrome Information leak in storage in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 7.4 |
| 2019-11-21 | CVE-2019-18887 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through 3.4.34, 4.2.0 through 4.2.11, and 4.3.0 through 4.3.7. | 8.1 |
| 2019-11-21 | CVE-2019-18886 | Information Exposure Through Discrepancy vulnerability in Sensiolabs Symfony An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. | 5.3 |
| 2019-11-18 | CVE-2019-10764 | Information Exposure Through Discrepancy vulnerability in Simplito Elliptic-PHP In elliptic-php versions priot to 1.0.6, Timing attacks might be possible which can result in practical recovery of the long-term private key generated by the library under certain conditions. | 7.4 |
| 2019-11-14 | CVE-2019-16863 | Information Exposure Through Discrepancy vulnerability in ST products STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow attackers to extract the ECDSA private key via a side-channel timing attack because ECDSA scalar multiplication is mishandled, aka TPM-FAIL. | 5.9 |
| 2019-11-02 | CVE-2019-18673 | Information Exposure Through Discrepancy vulnerability in Shiftcrypto Bitbox02 On SHIFT BitBox02 devices, a side channel for the row-based OLED display was found. | 4.6 |
| 2019-11-02 | CVE-2019-14360 | Information Exposure Through Discrepancy vulnerability in Hyundai-Pay Hk-1000 On Hyundai Pay Kasse HK-1000 devices, a side channel for the row-based OLED display was found. | 4.6 |