Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-07-29 | CVE-2023-42957 | Unspecified vulnerability in Apple products A permissions issue was addressed with additional restrictions. | 3.3 |
| 2024-07-29 | CVE-2024-6984 | Information Exposure Through an Error Message vulnerability in Canonical Juju An issue was discovered in Juju that resulted in the leak of the sensitive context ID, which allows a local unprivileged attacker to access other sensitive data or relation accessible to the local charm. | 3.8 |
| 2024-07-26 | CVE-2024-4786 | An improper validation vulnerability was reported in the Lenovo Tab K10 that could allow a specially crafted application to keep the device on. local low complexity | 2.8 |
| 2024-07-26 | CVE-2024-41686 | Unspecified vulnerability in Syrotech Sy-Gpon-1110-Wdont Firmware 3.1.02231102 This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to improper implementation of password policies. | 3.3 |
| 2024-07-25 | CVE-2024-40873 | Cross-site Scripting vulnerability in Absolute Secure Access There is a cross-site scripting vulnerability in the Secure Access administrative console of Absolute Secure Access prior to version 13.07. Attackers with system administrator permissions can interfere with another system administrator’s use of the publishing UI when the administrators are editing the same management object. | 3.4 |
| 2024-07-24 | CVE-2024-0231 | Injection vulnerability in Gitlab A resource misdirection vulnerability in GitLab CE/EE versions 12.0 prior to 17.0.5, 17.1 prior to 17.1.3, and 17.2 prior to 17.2.1 allows an attacker to craft a repository import in such a way as to misdirect commits. | 2.7 |
| 2024-07-24 | CVE-2024-3454 | Unspecified vulnerability in Csa-Iot Matter An implementation issue in the Connectivity Standards Alliance Matter 1.2 protocol as used in the connectedhomeip SDK allows a third party to disclose information about devices part of the same fabric (footprinting), even though the protocol is designed to prevent access to such information. low complexity csa-iot | 3.5 |
| 2024-07-23 | CVE-2024-41839 | Unspecified vulnerability in Adobe Experience Manager Adobe Experience Manager versions 6.5.20 and earlier are affected by an Improper Input Validation vulnerability that could lead to a security feature bypass. | 3.5 |
| 2024-07-21 | CVE-2024-6937 | Unspecified vulnerability in Formtools Form Tools 3.1.1 A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. | 2.7 |
| 2024-07-20 | CVE-2024-6694 | The WP Mail SMTP plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 4.0.1. network low complexity | 2.7 |