Vulnerabilities > Information Exposure Through Discrepancy
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-09-04 | CVE-2023-3221 | Information Exposure Through Discrepancy vulnerability in Password Recovery Project Password Recovery 1.2 User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database. | 5.3 |
2023-08-29 | CVE-2023-39522 | Information Exposure Through Discrepancy vulnerability in Goauthentik Authentik goauthentik is an open-source Identity Provider. | 5.3 |
2023-08-28 | CVE-2023-40756 | Information Exposure Through Discrepancy vulnerability in PHPjabbers Callback Widget 1.0 User enumeration is found in PHPJabbers Callback Widget v1.0. | 9.8 |
2023-08-22 | CVE-2023-33850 | Information Exposure Through Discrepancy vulnerability in IBM Cics TX and Txseries for Multiplatform IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. | 7.5 |
2023-08-16 | CVE-2023-40021 | Information Exposure Through Discrepancy vulnerability in Oppia Oppia is an online learning platform. | 5.3 |
2023-08-16 | CVE-2023-40343 | Information Exposure Through Discrepancy vulnerability in Jenkins Tuleap Authentication Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token. | 5.9 |
2023-08-11 | CVE-2022-40982 | Information Exposure Through Discrepancy vulnerability in multiple products Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 6.5 |
2023-08-08 | CVE-2023-20569 | Information Exposure Through Discrepancy vulnerability in multiple products A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. | 4.7 |
2023-08-01 | CVE-2023-20583 | Information Exposure Through Discrepancy vulnerability in AMD * A potential power side-channel vulnerability in AMD processors may allow an authenticated attacker to monitor the CPU power consumption as the data in a cache line changes over time potentially resulting in a leak of sensitive information. | 4.7 |
2023-07-31 | CVE-2023-3462 | Information Exposure Through Discrepancy vulnerability in Hashicorp Vault 1.13.0/1.13.4/1.14.0 HashiCorp's Vault and Vault Enterprise are vulnerable to user enumeration when using the LDAP auth method. | 5.3 |