Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2022-07-12 CVE-2022-33697 Information Exposure Through Log Files vulnerability in Google Android 10.0/11.0/12.0
Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-2022 Release 1 allows local attackers with log access permission to get IMSI through device log.
local
low complexity
google CWE-532
3.3
2022-07-12 CVE-2022-33698 Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/12.0
Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log.
local
low complexity
google CWE-668
3.3
2022-07-12 CVE-2022-33699 Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/12.0
Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.
local
low complexity
google CWE-668
2.3
2022-07-12 CVE-2022-33700 Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/12.0
Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log.
local
low complexity
google CWE-668
2.3
2022-07-12 CVE-2022-33701 Unspecified vulnerability in Google Android 10.0/11.0/12.0
Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManaer.goToSleep method which is protected by system permission by sending braodcast intent.
local
low complexity
google
3.3
2022-07-12 CVE-2022-33705 Unspecified vulnerability in Samsung Calendar 11.6.08.0/12.2.11.3000
Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission.
local
low complexity
samsung
3.3
2022-07-12 CVE-2022-33706 Unspecified vulnerability in Samsung Gallery
Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture.
low complexity
samsung
2.4
2022-07-12 CVE-2022-35648 Unspecified vulnerability in Nautilus T616 Firmware and T618 Firmware
Nautilus treadmills T616 S/N 100672PRO21140001 through 100672PRO21171980 and T618 S/N 100647PRO21130111 through 100647PRO21183960 with software before 2022-06-09 allow physically proximate attackers to cause a denial of service (fall) by connecting the power cord to a 120V circuit (which may lead to self-starting at an inopportune time).
low complexity
nautilus
2.4
2022-07-07 CVE-2022-2047 Improper Input Validation vulnerability in multiple products
In Eclipse Jetty versions 9.4.0 thru 9.4.46, and 10.0.0 thru 10.0.9, and 11.0.0 thru 11.0.9 versions, the parsing of the authority segment of an http scheme URI, the Jetty HttpURI class improperly detects an invalid input as a hostname.
network
low complexity
eclipse debian netapp CWE-20
2.7
2022-07-07 CVE-2022-23744 Unspecified vulnerability in Checkpoint Endpoint Security and Harmony Endpoint
Check Point Endpoint before version E86.50 failed to protect against specific registry change which allowed to disable endpoint protection by a local administrator.
local
low complexity
checkpoint
2.3