Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2021-12-14 CVE-2021-42070 Improper Input Validation vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens a manipulated Jupiter Tessellation (.jt) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until the application is restarted.
local
low complexity
sap CWE-20
3.3
2021-12-14 CVE-2021-44431 Unspecified vulnerability in Siemens JT Open Toolkit and JT Utilities
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).
local
low complexity
siemens
3.3
2021-12-14 CVE-2021-44436 Unspecified vulnerability in Siemens JT Open Toolkit and JT Utilities
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).
local
low complexity
siemens
3.3
2021-12-14 CVE-2021-44444 Out-of-bounds Read vulnerability in Siemens JT Open Toolkit and JT Utilities
A vulnerability has been identified in JT Utilities (All versions < V13.1.1.0), JTTK (All versions < V11.1.1.0).
local
low complexity
siemens CWE-125
3.3
2021-12-14 CVE-2021-44448 Unspecified vulnerability in Siemens JT Open Toolkit and JT Utilities
A vulnerability has been identified in JT Utilities (All versions < V13.0.3.0), JTTK (All versions < V11.0.3.0).
local
low complexity
siemens
3.3
2021-12-13 CVE-2021-39945 Incorrect Authorization vulnerability in Gitlab
Improper access control in the GitLab CE/EE API, affecting all versions starting from 9.4 before 14.3.6, all versions starting from 14.4 before 14.4.4, and all versions starting from 14.5 before 14.5.2, allows an author of a Merge Request to approve the Merge Request even after having their project access revoked.
network
low complexity
gitlab CWE-863
2.7
2021-12-13 CVE-2018-25022 Information Exposure vulnerability in Toktok Toxcore
The Onion module in toxcore before 0.2.2 doesn't restrict which packets can be onion-routed, which allows a remote attacker to discover a target user's IP address (when knowing only their Tox Id) by positioning themselves close to the target's Tox Id in the DHT for the target to establish an onion connection with the attacker, guessing the target's DHT public key and creating a DHT node with a public key close to it, and finally onion-routing a NAT Ping Request to the target, requesting it to ping the just-created DHT node.
network
high complexity
toktok CWE-200
3.1
2021-12-08 CVE-2021-25513 Improper Privilege Management vulnerability in Google Android 11.0
An improper privilege management vulnerability in Apps Edge application prior to SMR Dec-2021 Release 1 allows unauthorized access to some device data on the lockscreen.
low complexity
google CWE-269
2.4
2021-12-08 CVE-2021-25515 Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/9.0
An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.
local
low complexity
google CWE-668
3.3
2021-12-08 CVE-2021-25519 Missing Authorization vulnerability in Google Android 10.0/11.0/9.0
An improper access control vulnerability in CPLC prior to SMR Dec-2021 Release 1 allows local attackers to access CPLC information without permission.
local
low complexity
google CWE-862
3.3