Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-18 | CVE-2021-37939 | Cleartext Transmission of Sensitive Information vulnerability in Elastic Kibana. It was discovered that Kibana’s JIRA connector & IBM Resilient connector could be used to return HTTP response data on internal hosts, which may be intentionally hidden from public view. | 2.7 |
2021-11-17 | CVE-2021-32600 | Information Exposure vulnerability in Fortinet FortiOS. An exposure of sensitive information to an unauthorized actor vulnerability in FortiOS CLI 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.x and 5.6.x may allow a local and authenticated user assigned to a specific VDOM to retrieve other VDOMs information such as the admin account list and the network interface list. | 3.8 |
2021-11-14 | CVE-2021-43273 | Out-of-bounds Read vulnerability in Opendesign Drawings SDK 2019/2021.11/2021.12. An Out-of-bounds Read vulnerability exists in the DGN file reading procedure in Open Design Alliance Drawings SDK before 2022.11. | 3.3 |
2021-11-12 | CVE-2021-38973 | Improper Input Validation vulnerability in IBM products. IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. | 2.7 |
2021-11-05 | CVE-2021-25501 | Unspecified vulnerability in Google Android 10.0/11.0. An improper access control vulnerability in SCloudBnRReceiver in SecTelephonyProvider prior to SMR Nov-2021 Release 1 allows untrusted application to call some protected providers. | 3.3 |
2021-11-05 | CVE-2021-39901 | Unspecified vulnerability in GitLab. In all versions of GitLab CE/EE since version 11.10, an admin of a group can see the SCIM token of that group by visiting a specific endpoint. | 2.7 |
2021-11-03 | CVE-2021-36192 | Information Exposure vulnerability in Fortinet FortiManager. An exposure of sensitive information to an unauthorized actor [CWE-200] vulnerability in FortiManager 7.0.1 and below, 6.4.6 and below, 6.2.x, 6.0.x, 5.6.0 may allow a FortiGate user to see scripts from other ADOMS. | 3.8 |
2021-11-02 | CVE-2021-43264 | Path Traversal vulnerability in Mahara. In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the page help file allows attackers to bypass the intended access control for HTML files via directory traversal. | 3.3 |
2021-11-02 | CVE-2021-36181 | Race Condition vulnerability in Fortinet FortiPortal. A concurrent execution using shared resource with improper Synchronization vulnerability ('Race Condition') in the customer database interface of FortiPortal before 6.0.6 may allow an authenticated, low-privilege user to bring the underlying database data into an inconsistent state via specific coordination of web requests. | 3.1 |
2021-10-28 | CVE-2021-30816 | Unspecified vulnerability in Apple iPadOS and iPhone OS. The issue was addressed with improved permissions logic. | 2.4 |