Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-15 | CVE-2019-13377 | Information Exposure Through Discrepancy vulnerability in multiple products The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. | 5.9 |
| 2019-08-13 | CVE-2019-13420 | Information Exposure Through Discrepancy vulnerability in Search-Guard Search Guard Search Guard versions before 21.0 had an timing side channel issue when using the internal user database. | 5.9 |
| 2019-08-12 | CVE-2019-14359 | Information Exposure Through Discrepancy vulnerability in Real-Sec BC Vault Firmware On BC Vault devices, a side channel for the row-based SSD1309 OLED display was found. | 2.4 |
| 2019-08-10 | CVE-2019-14357 | Information Exposure Through Discrepancy vulnerability in Mooltipass Mini Firmware On Mooltipass Mini devices, a side channel for the row-based OLED display was found. | 2.4 |
| 2019-08-10 | CVE-2019-14355 | Information Exposure Through Discrepancy vulnerability in Shapeshift Keepkey Firmware On ShapeShift KeepKey devices, a side channel for the row-based OLED display was found. | 2.4 |
| 2019-08-10 | CVE-2019-14354 | Information Exposure Through Discrepancy vulnerability in Ledger Nano S Firmware and Nano X Firmware On Ledger Nano S and Nano X devices, a side channel for the row-based OLED display was found. | 2.4 |
| 2019-08-08 | CVE-2019-14353 | Information Exposure Through Discrepancy vulnerability in Trezor ONE Firmware On Trezor One devices before 1.8.2, a side channel for the row-based OLED display was found. | 4.2 |
| 2019-07-29 | CVE-2019-12743 | Information Exposure Through Discrepancy vulnerability in Humhub Social Network KIT 1.3.13 HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers to find the user accounts existing on any Social Network Kits (including self-hosted ones) by brute-forcing the username after the /u/ initial URI substring, aka Response Discrepancy Information Exposure. | 5.3 |
| 2019-07-29 | CVE-2019-1020002 | Information Exposure Through Discrepancy vulnerability in Pterodactyl Panel Pterodactyl before 0.7.14 with 2FA allows credential sniffing. | 7.5 |
| 2019-07-23 | CVE-2019-2818 | Information Exposure Through Discrepancy vulnerability in Oracle JDK and JRE Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Security). | 3.1 |