Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2024-03-18 CVE-2024-26051 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
network
low complexity
CWE-79
3.4
2024-03-15 CVE-2023-46181 Information Exposure Through Browser Caching vulnerability in IBM Sterling Secure Proxy 6.0.3/6.1.0
IBM Sterling Secure Proxy 6.0.3 and 6.1.0 allows web pages to be stored locally which can be read by another user on the system.
local
low complexity
ibm CWE-525
3.3
2024-03-14 CVE-2024-26246 Unspecified vulnerability in Microsoft Edge 112.0.1722.34/118.0.2088.88
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
low complexity
microsoft
3.9
2024-02-17 CVE-2024-20905 Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Enterprise Infrastructure SEC).
network
low complexity
2.7
2024-02-17 CVE-2024-20911 Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall).
network
high complexity
2.6
2024-02-17 CVE-2024-20923 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).
network
high complexity
3.1
2024-02-17 CVE-2024-20925 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX).
network
high complexity
3.1
2024-02-16 CVE-2024-23591 ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting. The server’s NIST SP 800-193-compliant Platform Firmware Resiliency (PFR) security subsystem significantly mitigates this issue.
local
low complexity
CWE-1269
2.0
2024-02-13 CVE-2024-22043 A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.251), Parasolid V35.1 (All versions < V35.1.170).
local
low complexity
CWE-476
3.3
2024-02-12 CVE-2024-23760 Information Exposure Through Log Files vulnerability in Gambio 4.9.2.0
Cleartext Storage of Sensitive Information in Gambio 4.9.2.0 allows attackers to obtain sensitive information via error-handler.log.json and legacy-error-handler.log.txt under the webroot.
network
low complexity
gambio CWE-532
2.7