Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2021-07-25 CVE-2021-37468 Cleartext Storage of Sensitive Information vulnerability in NCH Reflect Customer Relationship Management 3.01
NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files.
local
low complexity
nch CWE-312
3.3
2021-07-20 CVE-2021-20478 Unspecified vulnerability in IBM Cloud PAK System 2.3
IBM Cloud Pak System 2.3 could allow a local user in some situations to view the artifacts of another user in self service console.
local
low complexity
ibm
3.3
2021-07-15 CVE-2021-20499 Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
2.7
2021-07-15 CVE-2021-20523 Information Exposure Through an Error Message vulnerability in IBM Security Verify Access 10.0.0
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.
network
low complexity
ibm CWE-209
2.7
2021-07-15 CVE-2021-20534 Open Redirect vulnerability in IBM Security Verify Access 10.0.0
IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.
network
low complexity
ibm CWE-601
3.5
2021-07-15 CVE-2021-21587 Information Exposure vulnerability in Dell Wyse Management Suite
Dell Wyse Management Suite versions 3.2 and earlier contain a full path disclosure vulnerability.
local
low complexity
dell CWE-200
3.3
2021-07-15 CVE-2021-34688 Use of Hard-coded Credentials vulnerability in Idrive Remotepc
iDrive RemotePC before 7.6.48 on Windows allows information disclosure.
local
low complexity
idrive CWE-798
3.3
2021-07-13 CVE-2021-31224 Unspecified vulnerability in Stormshield Endpoint Security 2.0.0/2.0.2
SES Evolution before 2.1.0 allows duplicating an existing security policy by leveraging access of a user having read-only access to security policies.
low complexity
stormshield
3.5
2021-07-12 CVE-2021-32680 Nextcloud Server is a Nextcloud package that handles data storage.
local
low complexity
nextcloud fedoraproject
3.3
2021-07-12 CVE-2021-36382 Insufficiently Protected Credentials vulnerability in Devolutions Server
Devolutions Server before 2021.1.18, and LTS before 2020.3.20, allows attackers to intercept private keys via a man-in-the-middle attack against the connections/partial endpoint (which accepts cleartext).
network
high complexity
devolutions CWE-522
3.7