Vulnerabilities > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-07-25 | CVE-2021-37468 | Cleartext Storage of Sensitive Information vulnerability in NCH Reflect Customer Relationship Management 3.01 NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files. | 3.3 |
2021-07-20 | CVE-2021-20478 | Unspecified vulnerability in IBM Cloud PAK System 2.3 IBM Cloud Pak System 2.3 could allow a local user in some situations to view the artifacts of another user in self service console. | 3.3 |
2021-07-15 | CVE-2021-20499 | Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0 IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
2021-07-15 | CVE-2021-20523 | Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0 IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 2.7 |
2021-07-15 | CVE-2021-20534 | Open Redirect vulnerability in IBM Security Verify Access 10.0.0 IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 3.5 |
2021-07-15 | CVE-2021-21587 | Information Exposure vulnerability in Dell Wyse Management Suite Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability. | 3.3 |
2021-07-15 | CVE-2021-34688 | Use of Hard-coded Credentials vulnerability in Idrive Remotepc iDrive RemotePC before 7.6.48 on Windows allows information disclosure. | 3.3 |
2021-07-13 | CVE-2021-31224 | Unspecified vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2 SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies. low complexity stormshield | 3.5 |
2021-07-12 | CVE-2021-32680 | Nextcloud Server is a Nextcloud package that handles data storage. | 3.3 |
2021-07-12 | CVE-2021-36382 | Insufficiently Protected Credentials vulnerability in Devolutions Server Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext). | 3.7 |