Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-26 | CVE-2023-0463 | Unspecified vulnerability in Devolutions Remote Desktop Manager 2022.3.29/2022.3.30 The force offline MFA prompt setting is not respected when switching to offline mode in Devolutions Remote Desktop Manager 2022.3.29 to 2022.3.30 allows a user to save sensitive data on disk. | 3.3 |
2023-01-23 | CVE-2023-24069 | Unspecified vulnerability in Signal Signal-Desktop ** DISPUTED ** Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. | 3.3 |
2023-01-18 | CVE-2022-34399 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell products Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. | 2.3 |
2023-01-18 | CVE-2023-21843 | Unspecified vulnerability in Oracle Graalvm, JDK and JRE Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). | 3.7 |
2023-01-18 | CVE-2023-21874 | Unspecified vulnerability in Oracle Mysql Server Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). | 2.7 |
2023-01-18 | CVE-2023-21882 | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 2.7 |
2023-01-18 | CVE-2023-21885 | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 3.8 |
2023-01-18 | CVE-2023-21889 | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). | 3.8 |
2023-01-16 | CVE-2022-4309 | Cross-Site Request Forgery (CSRF) vulnerability in Subscribe2 Project Subscribe2 The Subscribe2 WordPress plugin before 10.38 does not have CSRF check when deleting users, which could allow attackers to make a logged in admin delete arbitrary users by knowing their email via a CSRF attack. | 3.1 |
2023-01-13 | CVE-2023-22489 | Missing Authorization vulnerability in Flarum Flarum is a discussion platform for websites. | 3.5 |