Vulnerabilities > Low

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | VECTOR | COMPLEXITY | VENDOR | CWE | RISK |
|---|---|---|---|---|---|---|---|---|
| 2024-09-17 | CVE-2024-40830 | Unspecified vulnerability in Apple Iphone OS | This issue was addressed with improved data protection. | local | low complexity | apple | | 3.3 |
| 2024-09-17 | CVE-2024-40838 | Unspecified vulnerability in Apple Macos | A privacy issue was addressed by moving sensitive data to a protected location. | local | low complexity | apple | | 3.3 |
| 2024-09-17 | CVE-2024-44139 | Unspecified vulnerability in Apple Iphone OS | The issue was addressed with improved checks. | | low complexity | apple | | 2.4 |
| 2024-09-17 | CVE-2024-44180 | Unspecified vulnerability in Apple Iphone OS | The issue was addressed with improved checks. | | low complexity | apple | | 2.4 |
| 2024-09-12 | CVE-2024-36066 | Unspecified vulnerability in Keyfactor Ejbca 8.0.0 | The CMP CLI client in KeyFactor EJBCA before 8.3.1 has only 6 octets of salt, and is thus not compliant with the security requirements of RFC 4211, and might make man-in-the-middle attacks easier. | network | high complexity | keyfactor | | 3.1 |
| 2024-09-12 | CVE-2024-6446 | Unspecified vulnerability in Gitlab | An issue has been discovered in GitLab affecting all versions starting from 17.1 to 17.1.7, 17.2 prior to 17.2.5 and 17.3 prior to 17.3.2. | network | low complexity | gitlab | | 3.5 |
| 2024-09-10 | CVE-2024-36511 | Unspecified vulnerability in Fortinet Fortiadc | An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions when cookie security policy is enabled may allow an attacker, under specific conditions, to retrieve the initial encrypted and signed cookie protected by the feature | network | high complexity | fortinet | | 3.7 |
| 2024-09-10 | CVE-2024-45323 | Unspecified vulnerability in Fortinet Fortiedrmanager 6.0.1 | An improper access control vulnerability [CWE-284] in FortiEDR Manager API 6.2.0 through 6.2.2, 6.0 all versions may allow in a shared environment context an authenticated admin with REST API permissions in his profile and restricted to a specific organization to access backend logs that include information related to other organizations. | network | low complexity | fortinet | | 2.7 |
| 2024-09-10 | CVE-2024-8443 | Out-of-bounds Write vulnerability in multiple products | A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. | | high complexity | opensc-project, redhat | CWE-787 | 2.9 |
| 2024-09-10 | CVE-2024-41728 | Missing Authorization vulnerability in SAP Netweaver Application Server Abap | Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. | network | low complexity | sap | CWE-862 | 2.7 |