Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-05-18 | CVE-2021-3200 | Classic Buffer Overflow vulnerability in multiple products. Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp) function at src/testcase.c: line 2334, which could cause a denial of service. | 3.3 |
2021-05-18 | CVE-2020-15279 | Unspecified vulnerability in Bitdefender Endpoint Security Tools 6.6.18.261. An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows versions prior to 6.6.23.320 allows a regular user to learn the scanning exclusion paths. | 3.3 |
2021-05-17 | CVE-2021-32453 | Missing Authentication for Critical Function vulnerability in Sitel-Sa Cap/Prx Firmware 5.2.01. SITEL CAP/PRX firmware version 5.2.01 allows an attacker with access to the local network to access the internal configuration database of the device via HTTP without any authentication. | 3.3 |
2021-05-14 | CVE-2020-27769 | In ImageMagick versions before 7.0.9-0, there are values outside the range of representable values of type 'float' at MagickCore/quantize.c. | 3.3 |
2021-05-14 | CVE-2020-4811 | Improper Input Validation vulnerability in IBM Cloud PAK for Security. IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to inject malicious data using a specially crafted HTTP request due to improper input validation. | 2.4 |
2021-05-14 | CVE-2021-20391 | Insecure Storage of Sensitive Information vulnerability in IBM Qradar User Behavior Analytics 1.0.0/4.1.0. IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 allows web pages to be stored locally which can be read by another user on the system. | 3.3 |
2021-05-13 | CVE-2021-22136 | Insufficient Session Expiration vulnerability in Elastic Kibana. In Kibana versions before 7.12.0 and 6.8.15 a flaw in the session timeout was discovered where the xpack.security.session.idleTimeout setting is not being respected. | 3.5 |
2021-05-13 | CVE-2021-22138 | Improper Certificate Validation vulnerability in Elastic Logstash. In Logstash versions after 6.4.0 and before 6.8.15 and 7.12.0 a TLS certificate validation flaw was found in the monitoring feature. | 3.7 |
2021-05-13 | CVE-2021-29623 | Exiv2 is a C++ library and a command-line utility to read, write, delete and modify Exif, IPTC, XMP and ICC image metadata. | 3.3 |
2021-05-13 | CVE-2020-14354 | Use After Free vulnerability in multiple products. A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddrinfo() completing. | 3.3 |