Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-06 | CVE-2021-36170 | Insufficiently Protected Credentials vulnerability in Fortinet Fortianalyzer and Fortimanager An information disclosure vulnerability [CWE-200] in FortiAnalyzerVM and FortiManagerVM versions 7.0.0 and 6.4.6 and below may allow an authenticated attacker to read the FortiCloud credentials which were used to activate the trial license in cleartext. | 3.2 |
| 2021-10-05 | CVE-2021-39881 | Unspecified vulnerability in Gitlab In all versions of GitLab CE/EE since version 7.7, the application may let a malicious user create an OAuth client application with arbitrary scope names which may allow the malicious user to trick unsuspecting users to authorize the malicious client application using the spoofed scope name and description. | 3.5 |
| 2021-10-04 | CVE-2021-39879 | Missing Authentication for Critical Function vulnerability in Gitlab Missing authentication in all versions of GitLab CE/EE since version 7.11.0 allows an attacker with access to a victim's session to disable two-factor authentication | 3.5 |
| 2021-10-04 | CVE-2021-39896 | Unspecified vulnerability in Gitlab In all versions of GitLab CE/EE since version 8.0, when an admin uses the impersonate feature twice and stops impersonating, the admin may be logged in as the second user they impersonated, which may lead to repudiation issues. | 3.8 |
| 2021-10-04 | CVE-2021-39900 | Information Exposure Through Log Files vulnerability in Gitlab Information disclosure from SendEntry in GitLab starting with 10.8 allowed exposure of full URL of artifacts stored in object-storage with a temporary availability via Rails logs. | 2.7 |
| 2021-10-04 | CVE-2021-41861 | Unspecified vulnerability in Telegram The Telegram application 7.5.0 through 7.8.0 for Android does not properly implement image self-destruction, a different vulnerability than CVE-2019-16248. | 3.3 |
| 2021-09-28 | CVE-2021-41106 | Insufficient Verification of Data Authenticity vulnerability in JWT Project JWT JWT is a library to work with JSON Web Token and JSON Web Signature. | 3.3 |
| 2021-09-28 | CVE-2021-41533 | Unspecified vulnerability in Siemens NX 1984 Firmware, NX 1988 Firmware and Solid Edge A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). | 3.3 |
| 2021-09-28 | CVE-2021-41534 | Out-of-bounds Read vulnerability in Siemens NX 1984 Firmware, NX 1988 Firmware and Solid Edge A vulnerability has been identified in NX 1980 Series (All versions < V1984), Solid Edge SE2021 (All versions < SE2021MP8). | 3.3 |
| 2021-09-28 | CVE-2021-41538 | Access of Uninitialized Pointer vulnerability in Siemens products A vulnerability has been identified in NX 1953 Series (All versions < V1973.3700), NX 1980 Series (All versions < V1988), Solid Edge SE2021 (All versions < SE2021MP8). | 3.3 |