Vulnerabilities > Information Exposure Through Discrepancy
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-06 | CVE-2024-5124 | Information Exposure Through Discrepancy vulnerability in Gaizhenbiao Chuanhuchatgpt A timing attack vulnerability exists in the gaizhenbiao/chuanhuchatgpt repository, specifically within the password comparison logic. | 7.5 |
| 2024-05-22 | CVE-2020-35165 | Information Exposure Through Discrepancy vulnerability in Dell products Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | 4.7 |
| 2024-05-04 | CVE-2023-27283 | Information Exposure Through Discrepancy vulnerability in IBM Aspera Orchestrator 4.0.1 IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to observable response discrepancies. | 5.3 |
| 2024-05-03 | CVE-2021-20556 | Information Exposure Through Discrepancy vulnerability in IBM Cognos Controller 10.4.1/10.4.2/11.0.0 IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 could allow a remote user to enumerate usernames due to differentiating error messages on existing usernames. | 5.3 |
| 2024-04-18 | CVE-2024-30257 | Information Exposure Through Discrepancy vulnerability in Fit2Cloud 1Panel 1Panel is an open source Linux server operation and maintenance management panel. | 5.9 |
| 2024-04-09 | CVE-2024-26221 | Information Exposure Through Discrepancy vulnerability in Microsoft products Windows DNS Server Remote Code Execution Vulnerability | 6.6 |
| 2024-03-20 | CVE-2024-28868 | Information Exposure Through Discrepancy vulnerability in Umbraco CMS Umbraco is an ASP.NET content management system. | 5.3 |
| 2024-03-04 | CVE-2023-38362 | Information Exposure Through Discrepancy vulnerability in IBM Cics TX 10.1 IBM CICS TX Advanced 10.1 could disclose sensitive information to a remote attacker due to observable discrepancy in HTTP responses. | 5.3 |
| 2024-02-26 | CVE-2024-0436 | Information Exposure Through Discrepancy vulnerability in Mintplexlabs Anythingllm 0.0.1/0.1.0 Theoretically, it would be possible for an attacker to brute-force the password for an instance in single-user password protection mode via a timing attack given the linear nature of the `!==` used for comparison. The risk is minified by the additional overhead of the request, which varies in a non-constant nature making the attack less reliable to execute | 5.9 |
| 2024-02-21 | CVE-2022-45177 | Information Exposure Through Discrepancy vulnerability in Liveboxcloud Vdesk 018/031 An issue was discovered in LIVEBOX Collaboration vDesk through v031. | 7.5 |