Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-23 | CVE-2019-9815 | Information Exposure Through Discrepancy vulnerability in Mozilla Firefox If hyperthreading is not disabled, a timing attack vulnerability exists, similar to previous Spectre attacks. | 8.1 |
| 2019-07-16 | CVE-2019-13383 | Information Exposure Through Discrepancy vulnerability in Control-Webpanel Webpanel 0.9.8.836 In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login process allows attackers to check whether a username is valid by reading the HTTP response. | 5.3 |
| 2019-05-28 | CVE-2019-12383 | Information Exposure Through Discrepancy vulnerability in Torproject TOR Browser Tor Browser before 8.0.1 has an information exposure vulnerability. | 4.3 |
| 2019-05-24 | CVE-2019-10848 | Information Exposure Through Discrepancy vulnerability in Computrols Building Automation Software Computrols CBAS 18.0.0 allows Username Enumeration. | 5.3 |
| 2019-05-16 | CVE-2019-10114 | Information Exposure Through Discrepancy vulnerability in Gitlab An Information Exposure issue (issue 2 of 2) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. | 7.5 |
| 2019-05-13 | CVE-2019-7217 | Information Exposure Through Discrepancy vulnerability in Citrix Sharefile Citrix ShareFile before 19.12 allows User Enumeration. | 7.5 |
| 2019-04-28 | CVE-2019-11578 | Information Exposure Through Discrepancy vulnerability in Dhcpcd Project Dhcpcd auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by performing latency attacks. | 5.9 |
| 2019-04-17 | CVE-2019-9495 | Information Exposure Through Discrepancy vulnerability in multiple products The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. | 3.7 |
| 2019-04-17 | CVE-2019-9494 | Information Exposure Through Discrepancy vulnerability in multiple products The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. | 5.9 |
| 2019-03-28 | CVE-2019-6602 | Information Exposure Through Discrepancy vulnerability in F5 products In BIG-IP 11.5.1-11.5.8 and 11.6.1-11.6.3, the Configuration Utility login page may not follow best security practices when handling a malicious request. | 7.5 |