Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-15 | CVE-2021-20523 | Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0 IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
| 2021-07-15 | CVE-2021-20534 | Open Redirect vulnerability in IBM Security Verify Access 10.0.0 IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 3.5 |
| 2021-07-15 | CVE-2021-21587 | Information Exposure vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. | 3.3 |
| 2021-07-15 | CVE-2021-34688 | Use of Hard-coded Credentials vulnerability in Idrive Remotepc iDrive RemotePC before 7.6.48 on Windows allows information disclosure. | 3.3 |
| 2021-07-13 | CVE-2021-31224 | Unspecified vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2 SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies. low complexity stormshield | 3.5 |
| 2021-07-12 | CVE-2021-32680 | Nextcloud Server is a Nextcloud package that handles data storage. | 3.3 |
| 2021-07-12 | CVE-2021-36382 | Insufficiently Protected Credentials vulnerability in Devolutions Server Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext). | 3.7 |
| 2021-07-09 | CVE-2021-36371 | Improper Certificate Validation vulnerability in Getambassador Emissary-Ingress Emissary-Ingress (formerly Ambassador API Gateway) through 1.13.9 allows attackers to bypass client certificate requirements (i.e., mTLS cert_required) on backend upstreams when more than one TLSContext is defined and at least one configuration exists that does not require client certificate authentication. | 3.7 |
| 2021-07-08 | CVE-2021-25432 | Exposure of Resource to Wrong Sphere vulnerability in Samsung Members Information exposure vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to access chat data. | 3.3 |
| 2021-07-08 | CVE-2021-25439 | Unspecified vulnerability in Samsung Members 2.4.81.13/3.9.10.11 Improper access control vulnerability in Samsung Members prior to versions 2.4.85.11 in Android O(8.1) and below, and 3.9.10.11 in Android P(9.0) and above allows untrusted applications to cause arbitrary webpage loading in webview. | 3.3 |